From launchpad at micahscomputing.com Mon Dec 3 15:08:40 2012 From: launchpad at micahscomputing.com (Micah Gersten) Date: Mon, 03 Dec 2012 15:08:40 -0000 Subject: [ubuntu/lucid-security] firefox 17.0.1+build1-0ubuntu0.10.04.1 (Accepted) Message-ID: <20121203150840.25601.28017.launchpad@ackee.canonical.com> firefox (17.0.1+build1-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream stable release (FIREFOX_17_0_1_BUILD1) - see LP: #1084548 for USN information Date: 2012-11-29 16:21:28.451200+00:00 Changed-By: Chris Coulson Signed-By: Micah Gersten https://launchpad.net/ubuntu/lucid/+source/firefox/17.0.1+build1-0ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 3 16:07:21 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 03 Dec 2012 16:07:21 -0000 Subject: [ubuntu/lucid-updates] firefox 17.0.1+build1-0ubuntu0.10.04.1 (Accepted) Message-ID: <20121203160721.12856.65420.launchpad@ackee.canonical.com> firefox (17.0.1+build1-0ubuntu0.10.04.1) lucid-security; urgency=low * New upstream stable release (FIREFOX_17_0_1_BUILD1) - see LP: #1084548 for USN information Date: 2012-11-29 16:21:28.451200+00:00 Changed-By: Chris Coulson Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/firefox/17.0.1+build1-0ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Tue Dec 4 00:40:29 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Tue, 04 Dec 2012 00:40:29 -0000 Subject: [ubuntu/lucid-updates] linux-ec2 2.6.32-350.57 (Accepted) Message-ID: <20121204004029.5954.9186.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-350.57) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.100 * Release Tracking Bug - LP: #1078882 [ Ubuntu: 2.6.32-45.100 ] * eCryptfs: check for eCryptfs cipher support at mount - LP: #338914 * net: fix divide by zero in tcp algorithm illinois - LP: #1077091 - CVE-2012-4565 Date: 2012-11-15 15:55:15.612601+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-ec2/2.6.32-350.57 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Tue Dec 4 00:40:31 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Tue, 04 Dec 2012 00:40:31 -0000 Subject: [ubuntu/lucid-security] linux-ec2 2.6.32-350.57 (Accepted) Message-ID: <20121204004031.5954.28892.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-350.57) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.100 * Release Tracking Bug - LP: #1078882 [ Ubuntu: 2.6.32-45.100 ] * eCryptfs: check for eCryptfs cipher support at mount - LP: #338914 * net: fix divide by zero in tcp algorithm illinois - LP: #1077091 - CVE-2012-4565 linux-ec2 (2.6.32-350.56) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.99 * SAUCE: XEN: Pull in RDRAND changes - LP: #1064480 * SAUCE: XEN: Backport pgd_lock fixes - LP: #1064480 * Release Tracking Bug - LP: #1068278 [ Ubuntu: 2.6.32-45.99 ] * SAUCE: omnibook: Expose PWD for standalone builds - LP: #505420 * Revert "xfs: Fix possible memory corruption in xfs_readlink, CVE-2011-4077" - LP: #1064480 * UBUNTU SAUCE: apparmor: fix IRQ stack overflow - LP: #1056078 * net/9p: fix virtio transport to correctly update status on connect - LP: #676823 * 9p: Fix the kernel crash on a failed mount - LP: #676823 * netxen: support for GbE port settings - LP: #1064480 * Fix sparc build with newer tools. - LP: #1064480 * powerpc/pmac: Fix SMP kernels on pre-core99 UP machines - LP: #1064480 * Bluetooth: btusb: fix bInterval for high/super speed isochronous endpoints - LP: #1064480 * fix pgd_lock deadlock - LP: #1064480 * futex: Fix uninterruptible loop due to gate_area - LP: #1064480 * time: Improve sanity checking of timekeeping inputs - LP: #1064480 * time: Avoid making adjustments if we haven't accumulated anything - LP: #1064480 * time: Move ktime_t overflow checking into timespec_valid_strict - LP: #1064480 * drm/i915: Attempt to fix watermark setup on 85x (v2) - LP: #1064480 * ioat2: kill pending flag - LP: #1064480 * usb: Fix deadlock in hid_reset when Dell iDRAC is reset - LP: #1064480 * oprofile: use KM_NMI slot for kmap_atomic - LP: #1064480 * tty_audit: fix tty_audit_add_data live lock on audit disabled - LP: #1064480 * bonding: 802.3ad - fix agg_device_up - LP: #1064480 * usbnet: increase URB reference count before usb_unlink_urb - LP: #1064480 * usbnet: don't clear urb->dev in tx_complete - LP: #1064480 * sched: Fix signed unsigned comparison in check_preempt_tick() - LP: #1064480 * x86/PCI: amd: factor out MMCONFIG discovery - LP: #1064480 * PNP: fix "work around Dell 1536/1546 BIOS MMCONFIG bug that breaks USB" - LP: #1064480 * KVM: x86: disallow multiple KVM_CREATE_IRQCHIP - LP: #1064480 * KVM: ia64: fix build due to typo - LP: #1064480 * xfs: Fix possible memory corruption in xfs_readlink - LP: #1064480 * xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() - LP: #1064480 * dl2k: use standard #defines from mii.h. - LP: #1064480 * tcp: Don't change unlocked socket state in tcp_v4_err(). - LP: #1064480 * x86: Derandom delay_tsc for 64 bit - LP: #1064480 * ipsec: be careful of non existing mac headers - LP: #1064480 * block, sx8: fix pointer math issue getting fw version - LP: #1064480 * nilfs2: fix NULL pointer dereference in nilfs_load_super_block() - LP: #1064480 * USB: ftdi_sio: fix problem when the manufacture is a NULL string - LP: #1064480 * ntp: Fix integer overflow when setting time - LP: #1064480 * SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() - LP: #1064480 * ext4: check for zero length extent - LP: #1064480 * xfs: Fix oops on IO error during xlog_recover_process_iunlinks() - LP: #1064480 * nfsd: don't allow zero length strings in cache_parse() - LP: #1064480 * sched/x86: Fix overflow in cyc2ns_offset - LP: #1064480 * Bluetooth: add NULL pointer check in HCI - LP: #1064480 * Bluetooth: hci_ldisc: fix NULL-pointer dereference on tty_close - LP: #1064480 * sparc64: Fix bootup crash on sun4v. - LP: #1064480 * video:uvesafb: Fix oops that uvesafb try to execute NX-protected page - LP: #1064480 * USB: serial: fix race between probe and open - LP: #1064480 * xhci: Don't write zeroed pointers to xHC registers. - LP: #1064480 * xHCI: Correct the #define XHCI_LEGACY_DISABLE_SMI - LP: #1064480 * crypto: sha512 - Fix byte counter overflow in SHA-512 - LP: #1064480 * PCI: Add quirk for still enabled interrupts on Intel Sandy Bridge GPUs - LP: #1064480 * phonet: Check input from user before allocating - LP: #1064480 * netlink: fix races after skb queueing - LP: #1064480 * net: fix a race in sock_queue_err_skb() - LP: #1064480 * atl1: fix kernel panic in case of DMA errors - LP: #1064480 * net/ethernet: ks8851_mll fix rx frame buffer overflow - LP: #1064480 * net_sched: gred: Fix oops in gred_dump() in WRED mode - LP: #1064480 * ARM: 7410/1: Add extra clobber registers for assembly in kernel_execve - LP: #1064480 * netem: fix possible skb leak - LP: #1064480 * ALSA: echoaudio: Remove incorrect part of assertion - LP: #1064480 * NFSv4: Revalidate uid/gid after open - LP: #1064480 * ext3: Fix error handling on inode bitmap corruption - LP: #1064480 * ext4: fix error handling on inode bitmap corruption - LP: #1064480 * xhci: Reset reserved command ring TRBs on cleanup. - LP: #1064480 * SCSI: fix scsi_wait_scan - LP: #1064480 * powerpc: Fix kernel panic during kernel module load - LP: #1064480 * fuse: fix stat call on 32 bit platforms - LP: #1064480 * udf: Improve table length check to avoid possible overflow - LP: #1064480 * stable: Allow merging of backports for serious user-visible performance issues - LP: #1064480 * eCryptfs: Properly check for O_RDONLY flag before doing privileged open - LP: #1064480 * USB: cdc-wdm: fix lockup on error in wdm_read - LP: #1064480 * ntp: Fix STA_INS/DEL clearing bug - LP: #1064480 * MIPS: Properly align the .data..init_task section. - LP: #1064480 * powerpc/ftrace: Fix assembly trampoline register usage - LP: #1064480 * powerpc: Add "memory" attribute for mfmsr() - LP: #1064480 * SCSI: libsas: continue revalidation - LP: #1064480 * SCSI: libsas: fix sas_discover_devices return code handling - LP: #1064480 * SCSI: fix eh wakeup (scsi_schedule_eh vs scsi_restart_operations) - LP: #1064480 * SCSI: Avoid dangling pointer in scsi_requeue_command() - LP: #1064480 * usbdevfs: Correct amount of data copied to user in processcompl_compat - LP: #1064480 * locks: fix checking of fcntl_setlease argument - LP: #1064480 * ACPI/AC: prevent OOPS on some boxes due to missing check power_supply_register() return value check - LP: #1064480 * Btrfs: call the ordered free operation without any locks held - LP: #1064480 * nfsd4: our filesystems are normally case sensitive - LP: #1064480 * ext4: don't let i_reserved_meta_blocks go negative - LP: #1064480 * sctp: Fix list corruption resulting from freeing an association on a list - LP: #1064480 * cipso: don't follow a NULL pointer when setsockopt() is called - LP: #1064480 * wanmain: comparing array with NULL - LP: #1064480 * USB: kaweth.c: use GFP_ATOMIC under spin_lock - LP: #1064480 * tcp: perform DMA to userspace only if there is a task waiting for it - LP: #1064480 * net/tun: fix ioctl() based info leaks - LP: #1064480 * USB: echi-dbgp: increase the controller wait time to come out of halt. - LP: #1064480 * ALSA: mpu401: Fix missing initialization of irq field - LP: #1064480 * futex: Test for pi_mutex on fault in futex_wait_requeue_pi() - LP: #1064480 * futex: Fix bug in WARN_ON for NULL q.pi_state - LP: #1064480 * futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi() - LP: #1064480 * pcdp: use early_ioremap/early_iounmap to access pcdp table - LP: #1064480 * mm: mmu_notifier: fix freed page still mapped in secondary MMU - LP: #1064480 * fuse: verify all ioctl retry iov elements - LP: #1064480 * xhci: Increase reset timeout for Renesas 720201 host. - LP: #1064480 * usb: serial: mos7840: Fixup mos7840_chars_in_buffer() - LP: #1064480 * ALSA: hda - fix Copyright debug message - LP: #1064480 * vfs: missed source of ->f_pos races - LP: #1064480 * NFSv3: Ensure that do_proc_get_root() reports errors correctly - LP: #1064480 * NFS: Alias the nfs module to nfs4 - LP: #1064480 * svcrpc: fix svc_xprt_enqueue/svc_recv busy-looping - LP: #1064480 * svcrpc: sends on closed socket should stop immediately - LP: #1064480 * cciss: fix incorrect scsi status reporting - LP: #1064480 * USB: CDC ACM: Fix NULL pointer dereference - LP: #1064480 * Remove user-triggerable BUG from mpol_to_str - LP: #1064480 * udf: Fix data corruption for files in ICB - LP: #1064480 * ext3: Fix fdatasync() for files with only i_size changes - LP: #1064480 * PARISC: Redefine ATOMIC_INIT and ATOMIC64_INIT to drop the casts - LP: #1064480 * dccp: check ccid before dereferencing - LP: #1064480 * ia64: Add accept4() syscall - LP: #1064480 * tcp: do_tcp_sendpages() must try to push data out on oom conditions - LP: #1064480 * tcp: drop SYN+FIN messages - LP: #1064480 * xen: correctly check for pending events when restoring irq flags - LP: #1064480 * x86, amd, xen: Avoid NULL pointer paravirt references - LP: #1064480 * x86, tls: Off by one limit check - LP: #1064480 * sparc64: Eliminate obsolete __handle_softirq() function - LP: #1064480 * udf: fix retun value on error path in udf_load_logicalvol - LP: #1064480 * mtd: cafe_nand: fix an & vs | mistake - LP: #1064480 * epoll: introduce POLLFREE to flush ->signalfd_wqh before kfree() - LP: #1064480 * epoll: ep_unregister_pollwait() can use the freed pwq->whead - LP: #1064480 * epoll: limit paths - LP: #1064480 * Don't limit non-nested epoll paths - LP: #1064480 * epoll: clear the tfile_check_list on -ELOOP - LP: #1064480 * random: Reorder struct entropy_store to remove padding on 64bits - LP: #1064480 * random: update interface comments to reflect reality - LP: #1064480 * random: simplify fips mode - LP: #1064480 * x86, cpu: Add CPU flags for F16C and RDRND - LP: #1064480 * x86, cpufeature: Update CPU feature RDRND to RDRAND - LP: #1064480 * random: Add support for architectural random hooks - LP: #1064480 * x86, random: Architectural inlines to get random integers with RDRAND - LP: #1064480 * x86, random: Verify RDRAND functionality and allow it to be disabled - LP: #1064480 * fix typo/thinko in get_random_bytes() - LP: #1064480 * random: Use arch_get_random_int instead of cycle counter if avail - LP: #1064480 * random: Use arch-specific RNG to initialize the entropy store - LP: #1064480 * random: Adjust the number of loops when initializing - LP: #1064480 * drivers/char/random.c: fix boot id uniqueness race - LP: #1064480 * random: make 'add_interrupt_randomness()' do something sane - LP: #1064480 * random: use lockless techniques in the interrupt path - LP: #1064480 * random: create add_device_randomness() interface - LP: #1064480 * random: use the arch-specific rng in xfer_secondary_pool - LP: #1064480 * random: add new get_random_bytes_arch() function - LP: #1064480 * random: mix in architectural randomness in extract_buf() - LP: #1064480 * MAINTAINERS: Theodore Ts'o is taking over the random driver - LP: #1064480 * usb: feed USB device information to the /dev/random driver - LP: #1064480 * net: feed /dev/random with the MAC address when registering a device - LP: #1064480 * random: remove rand_initialize_irq() - LP: #1064480 * random: Add comment to random_initialize() - LP: #1064480 * rtc: wm831x: Feed the write counter into device_add_randomness() - LP: #1064480 * mfd: wm831x: Feed the device UUID into device_add_randomness() - LP: #1064480 * dmi: Feed DMI table to /dev/random driver - LP: #1064480 * Linux 2.6.32.60 - LP: #1064480 Date: 2012-11-15 15:55:15.612601+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-ec2/2.6.32-350.57 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Tue Dec 4 01:24:25 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Tue, 04 Dec 2012 01:24:25 -0000 Subject: [ubuntu/lucid-proposed] linux 2.6.32-45.101 (Accepted) Message-ID: <20121204012425.18874.2233.launchpad@ackee.canonical.com> linux (2.6.32-45.101) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1085934 [ Upstream Kernel Changes ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-03 15:35:22.774598+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux/2.6.32-45.101 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Tue Dec 4 14:42:12 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Tue, 04 Dec 2012 14:42:12 -0000 Subject: [ubuntu/lucid-security] linux-meta-ec2 2.6.32.350.31 (Accepted) Message-ID: <20121204144212.2756.12636.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.350.31) lucid-proposed; urgency=low * Bump linux-ec2 ABI to 350 for proposed release Date: 2012-10-22 17:45:30.313938+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-meta-ec2/2.6.32.350.31 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Wed Dec 5 17:47:22 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Wed, 05 Dec 2012 17:47:22 -0000 Subject: [ubuntu/lucid-security] cups 1.4.3-1ubuntu1.9 (Accepted) Message-ID: <20121205174722.23757.73933.launchpad@ackee.canonical.com> cups (1.4.3-1ubuntu1.9) lucid-security; urgency=low * SECURITY UPDATE: privilege escalation via config file editing - debian/patches/CVE-2012-5519.dpatch: split configuration file into two, to isolate options that have a security impact. - debian/cups.install: also install cups-files.conf - debian/patches/removecvstag.dpatch: updated to remove tag from cups-files.conf. - CVE-2012-5519 cups (1.4.3-1ubuntu1.6) lucid-proposed; urgency=low * debian/patches/cupsd-fix-crash-on-sighup.dpatch: Fixed crash of the scheduler (CUPS daemon) on the SIGHUP signal (sent on log rotation, restart, ..., LP: #857663). Date: 2012-12-04 15:15:13.549244+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/cups/1.4.3-1ubuntu1.9 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 5 18:29:26 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 05 Dec 2012 18:29:26 -0000 Subject: [ubuntu/lucid-updates] cups 1.4.3-1ubuntu1.9 (Accepted) Message-ID: <20121205182926.4509.53694.launchpad@ackee.canonical.com> cups (1.4.3-1ubuntu1.9) lucid-security; urgency=low * SECURITY UPDATE: privilege escalation via config file editing - debian/patches/CVE-2012-5519.dpatch: split configuration file into two, to isolate options that have a security impact. - debian/cups.install: also install cups-files.conf - debian/patches/removecvstag.dpatch: updated to remove tag from cups-files.conf. - CVE-2012-5519 Date: 2012-12-04 15:15:13.549244+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/cups/1.4.3-1ubuntu1.9 -------------- next part -------------- Sorry, changesfile not available. From seth.arnold at canonical.com Wed Dec 5 20:03:13 2012 From: seth.arnold at canonical.com (Seth Arnold) Date: Wed, 05 Dec 2012 20:03:13 -0000 Subject: [ubuntu/lucid-security] tiff 3.9.2-2ubuntu0.12 (Accepted) Message-ID: <20121205200313.1010.91001.launchpad@ackee.canonical.com> tiff (3.9.2-2ubuntu0.12) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags. - debian/patches/CVE-2012-5581.patch: remove special cases of tags, improve DOTRANGE tag case - CVE-2012-5581 Date: 2012-12-04 05:40:34.724896+00:00 Changed-By: Seth Arnold https://launchpad.net/ubuntu/lucid/+source/tiff/3.9.2-2ubuntu0.12 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 5 20:29:16 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 05 Dec 2012 20:29:16 -0000 Subject: [ubuntu/lucid-updates] tiff 3.9.2-2ubuntu0.12 (Accepted) Message-ID: <20121205202916.9627.3923.launchpad@ackee.canonical.com> tiff (3.9.2-2ubuntu0.12) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible code execution via PAGENUMBER, HALFTONEHINTS, YCBCRSUBSAMPLING, and DOTRANGE tags. - debian/patches/CVE-2012-5581.patch: remove special cases of tags, improve DOTRANGE tag case - CVE-2012-5581 Date: 2012-12-04 05:40:34.724896+00:00 Changed-By: Seth Arnold Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/tiff/3.9.2-2ubuntu0.12 -------------- next part -------------- Sorry, changesfile not available. From seth.arnold at canonical.com Wed Dec 5 23:20:21 2012 From: seth.arnold at canonical.com (Seth Arnold) Date: Wed, 05 Dec 2012 23:20:21 -0000 Subject: [ubuntu/lucid-security] libxml2 2.7.6.dfsg-1ubuntu1.7 (Accepted) Message-ID: <20121205232021.23591.86934.launchpad@ackee.canonical.com> libxml2 (2.7.6.dfsg-1ubuntu1.7) lucid-security; urgency=low * SECURITY UPDATE: buffer underflow in xmlParseAttValueComplex() - debian/patches/CVE-2012-5134.patch: add array bounds checking in parser.c, thanks to Daniel Veillard - http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d - CVE-2012-5134 Date: 2012-12-05 01:05:11.514111+00:00 Changed-By: Seth Arnold https://launchpad.net/ubuntu/lucid/+source/libxml2/2.7.6.dfsg-1ubuntu1.7 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 5 23:59:19 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 05 Dec 2012 23:59:19 -0000 Subject: [ubuntu/lucid-updates] libxml2 2.7.6.dfsg-1ubuntu1.7 (Accepted) Message-ID: <20121205235919.29556.90785.launchpad@ackee.canonical.com> libxml2 (2.7.6.dfsg-1ubuntu1.7) lucid-security; urgency=low * SECURITY UPDATE: buffer underflow in xmlParseAttValueComplex() - debian/patches/CVE-2012-5134.patch: add array bounds checking in parser.c, thanks to Daniel Veillard - http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d - CVE-2012-5134 Date: 2012-12-05 01:05:11.514111+00:00 Changed-By: Seth Arnold Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/libxml2/2.7.6.dfsg-1ubuntu1.7 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 6 20:27:13 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 06 Dec 2012 20:27:13 -0000 Subject: [ubuntu/lucid-proposed] linux-meta-lts-backport-oneiric 3.0.0.29.17 (Accepted) Message-ID: <20121206202713.16299.2502.launchpad@ackee.canonical.com> linux-meta-lts-backport-oneiric (3.0.0.29.17) lucid-proposed; urgency=low * linux-oneiric 3.0.0-29.46 Date: 2012-12-05 11:45:44.744904+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-meta-lts-backport-oneiric/3.0.0.29.17 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 6 20:27:17 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 06 Dec 2012 20:27:17 -0000 Subject: [ubuntu/lucid-proposed] linux-lts-backport-oneiric 3.0.0-29.46~lucid1 (Accepted) Message-ID: <20121206202717.16299.48887.launchpad@ackee.canonical.com> linux-lts-backport-oneiric (3.0.0-29.46~lucid1) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1086597 [ Upstream Kernel Changes ] * ath9k: fix stale pointers potentially causing access to free'd skbs - LP: #1081645 * rt2800: validate step value for temperature compensation - LP: #1081645 * target: Don't return success from module_init() if setup fails - LP: #1081645 * cfg80211: fix antenna gain handling - LP: #1081645 * wireless: drop invalid mesh address extension frames - LP: #1081645 * mac80211: don't inspect Sequence Control field on control frames - LP: #1081645 * DRM/Radeon: Fix Load Detection on legacy primary DAC. - LP: #1081645 * mac80211: check management frame header length - LP: #1081645 * mac80211: fix SSID copy on IBSS JOIN - LP: #1081645 * nfsv3: Make v3 mounts fail with ETIMEDOUTs instead EIO on mountd timeouts - LP: #1081645 * nfs: Show original device name verbatim in /proc/*/mount{s,info} - LP: #1081645 * NFSv4: nfs4_locku_done must release the sequence id - LP: #1081645 * nfsd: add get_uint for u32's - LP: #1081645 * NFS: fix bug in legacy DNS resolver. - LP: #1081645 * NFS: Fix Oopses in nfs_lookup_revalidate and nfs4_lookup_revalidate - LP: #1081645 * drm: restore open_count if drm_setup fails - LP: #1081645 * hwmon: (w83627ehf) Force initial bank selection - LP: #1081645 * ALSA: PCM: Fix some races at disconnection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection - LP: #1081645 * ALSA: usb-audio: Use rwsem for disconnect protection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection in mixer_quirks.c - LP: #1081645 * ALSA: Add a reference counter to card instance - LP: #1081645 * ALSA: Avoid endless sleep after disconnect - LP: #1081645 * sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() - LP: #1081645 * netlink: use kfree_rcu() in netlink_release() - LP: #1081645 * tcp: fix FIONREAD/SIOCINQ - LP: #1081645 * ipv6: Set default hoplimit as zero. - LP: #1081645 * net: usb: Fix memory leak on Tx data path - LP: #1081645 * l2tp: fix oops in l2tp_eth_create() error path - LP: #1081645 * ipv6: send unsolicited neighbour advertisements to all-nodes - LP: #1081645 * futex: Handle futex_pi OWNER_DIED take over correctly - LP: #1081645 * drm/vmwgfx: Fix hibernation device reset - LP: #1081645 * drm/i915: fixup infoframe support for sdvo - LP: #1081645 * drm/i915: clear the entire sdvo infoframe buffer - LP: #1081645 * USB: mos7840: remove unused variable - LP: #1081645 * xfs: fix reading of wrapped log data - LP: #1081645 * intel-iommu: Fix AB-BA lockdep report - LP: #1081645 * ALSA: Fix card refcount unbalance - LP: #1081645 * ALSA: usb-audio: Fix mutex deadlock at disconnection - LP: #1081645 * Linux 3.0.52 - LP: #1081645 * mm: bugfix: set current->reclaim_state to NULL while returning from kswapd() - LP: #1083318 * fanotify: fix missing break - LP: #1083318 * crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption - LP: #1083318 * ALSA: hda: Cirrus: Fix coefficient index for beep configuration - LP: #1083318 * ALSA: hda - Force to reset IEC958 status bits for AD codecs - LP: #1083318, #359361 * ASoC: wm8978: pll incorrectly configured when codec is master - LP: #1083318 * ASoC: dapm: Use card_list during DAPM shutdown - LP: #1083318 * UBIFS: fix mounting problems after power cuts - LP: #1083318 * UBIFS: introduce categorized lprops counter - LP: #1083318 * s390/gup: add missing TASK_SIZE check to get_user_pages_fast() - LP: #1083318 * USB: option: add Novatel E362 and Dell Wireless 5800 USB IDs - LP: #1083318 * USB: option: add Alcatel X220/X500D USB IDs - LP: #1083318 * wireless: allow 40 MHz on world roaming channels 12/13 - LP: #1083318 * m68k: fix sigset_t accessor functions - LP: #1083318 * ipv4: avoid undefined behavior in do_ip_setsockopt() - LP: #1083318 * ipv6: setsockopt(IPIPPROTO_IPV6, IPV6_MINHOPCOUNT) forgot to set return value - LP: #1083318 * net: correct check in dev_addr_del() - LP: #1083318 * net-rps: Fix brokeness causing OOO packets - LP: #1083318 * r8169: use unlimited DMA burst for TX - LP: #1083318 * kbuild: Fix gcc -x syntax - LP: #1083318 * netfilter: Validate the sequence number of dataless ACK packets as well - LP: #1083318 * netfilter: Mark SYN/ACK packets as invalid from original direction - LP: #1083318 * netfilter: nf_nat: don't check for port change on ICMP tuples - LP: #1083318 * usb: use usb_serial_put in usb_serial_probe errors - LP: #1083318 * sky2: Fix for interrupt handler - LP: #1083318 * drm/i915: fix overlay on i830M - LP: #1083318 * NFS: Wait for session recovery to finish before returning - LP: #1083318 * reiserfs: Fix lock ordering during remount - LP: #1083318 * reiserfs: Protect reiserfs_quota_on() with write lock - LP: #1083318 * reiserfs: Move quota calls out of write lock - LP: #1083318 * reiserfs: Protect reiserfs_quota_write() with write lock - LP: #1083318 * selinux: fix sel_netnode_insert() suspicious rcu dereference - LP: #1083318 * PCI : ability to relocate assigned pci-resources - LP: #1083318 * PCI : Calculate right add_size - LP: #1083318 * Resource: fix wrong resource window calculation - LP: #1083318 * Linux 3.0.53 - LP: #1083318 * mm/hotplug: correctly add new zone to all other nodes' zone lists - LP: #1079860 - CVE-2012-5517 * Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027] - LP: #898826 Date: 2012-12-05 11:45:20.212235+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-lts-backport-oneiric/3.0.0-29.46~lucid1 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 6 20:25:21 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 06 Dec 2012 20:25:21 -0000 Subject: [ubuntu/lucid-proposed] linux-ec2 2.6.32-350.58 (Accepted) Message-ID: <20121206202521.14816.39787.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-350.58) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.101 * Release Tracking Bug - LP: #1086183 [ Ubuntu: 2.6.32-45.101 ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-05 15:25:11.761794+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-ec2/2.6.32-350.58 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Mon Dec 10 14:13:39 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 10 Dec 2012 14:13:39 -0000 Subject: [ubuntu/lucid-security] mysql-dfsg-5.1 5.1.66-0ubuntu0.10.04.3 (Accepted) Message-ID: <20121210141339.21333.11686.launchpad@ackee.canonical.com> mysql-dfsg-5.1 (5.1.66-0ubuntu0.10.04.3) lucid-security; urgency=low * SECURITY UPDATE: arbitrary code execution via long argument - debian/patches/99_CVE-2012-5611.patch: don't overflow buffer in sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test, mysql-test/r/information_schema.result. - CVE-2012-5611 mysql-dfsg-5.1 (5.1.66-0ubuntu0.10.04.2) lucid-proposed; urgency=low * Alter apparmor profile to allow loading plugins (LP: #617463) Date: 2012-12-07 20:25:11.862866+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/mysql-dfsg-5.1/5.1.66-0ubuntu0.10.04.3 -------------- next part -------------- Sorry, changesfile not available. From cjwatson at canonical.com Mon Dec 10 14:16:14 2012 From: cjwatson at canonical.com (Colin Watson) Date: Mon, 10 Dec 2012 14:16:14 -0000 Subject: [ubuntu/lucid-updates] ethos 0.2.2-1ubuntu0.1 (Accepted) Message-ID: <20121210141614.21894.92932.launchpad@ackee.canonical.com> ethos (0.2.2-1ubuntu0.1) lucid-proposed; urgency=low * Backport patch from Debian BTS #575384 to make libethos-ui-dev depend on libethos-dev and libethos-ui-1.0-0. LP: #1055158 Date: 2012-11-29 23:30:09.822814+00:00 Changed-By: Rolf Leggewie Maintainer: Mathieu Trudel-Lapierre Signed-By: Colin Watson https://launchpad.net/ubuntu/lucid/+source/ethos/0.2.2-1ubuntu0.1 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Mon Dec 10 14:26:19 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 10 Dec 2012 14:26:19 -0000 Subject: [ubuntu/lucid-security] gimp 2.6.8-2ubuntu1.6 (Accepted) Message-ID: <20121210142619.26353.32940.launchpad@ackee.canonical.com> gimp (2.6.8-2ubuntu1.6) lucid-security; urgency=low * SECURITY UPDATE: code execution via malformed xwd files - debian/patches/13_CVE-2012-5576.patch: validate sizes in plug-ins/common/file-xwd.c. - CVE-2012-5576 Date: 2012-12-06 19:30:15.331573+00:00 Changed-By: Marc Deslauriers Maintainer: Ubuntu Desktop https://launchpad.net/ubuntu/lucid/+source/gimp/2.6.8-2ubuntu1.6 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 10 14:59:16 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 10 Dec 2012 14:59:16 -0000 Subject: [ubuntu/lucid-updates] gimp 2.6.8-2ubuntu1.6 (Accepted) Message-ID: <20121210145916.4400.23476.launchpad@ackee.canonical.com> gimp (2.6.8-2ubuntu1.6) lucid-security; urgency=low * SECURITY UPDATE: code execution via malformed xwd files - debian/patches/13_CVE-2012-5576.patch: validate sizes in plug-ins/common/file-xwd.c. - CVE-2012-5576 Date: 2012-12-06 19:30:15.331573+00:00 Changed-By: Marc Deslauriers Maintainer: Ubuntu Desktop Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/gimp/2.6.8-2ubuntu1.6 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 10 14:59:18 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 10 Dec 2012 14:59:18 -0000 Subject: [ubuntu/lucid-updates] mysql-dfsg-5.1 5.1.66-0ubuntu0.10.04.3 (Accepted) Message-ID: <20121210145918.4400.53877.launchpad@ackee.canonical.com> mysql-dfsg-5.1 (5.1.66-0ubuntu0.10.04.3) lucid-security; urgency=low * SECURITY UPDATE: arbitrary code execution via long argument - debian/patches/99_CVE-2012-5611.patch: don't overflow buffer in sql/sql_acl.cc, add tests to mysql-test/t/information_schema.test, mysql-test/r/information_schema.result. - CVE-2012-5611 mysql-dfsg-5.1 (5.1.66-0ubuntu0.10.04.2) lucid-proposed; urgency=low * Alter apparmor profile to allow loading plugins (LP: #617463) Date: 2012-12-07 20:25:11.862866+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/mysql-dfsg-5.1/5.1.66-0ubuntu0.10.04.3 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Mon Dec 10 18:30:25 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Mon, 10 Dec 2012 18:30:25 -0000 Subject: [ubuntu/lucid-security] linux 2.6.32-45.101 (Accepted) Message-ID: <20121210183025.5148.4620.launchpad@ackee.canonical.com> linux (2.6.32-45.101) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1085934 [ Upstream Kernel Changes ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-03 15:35:22.774598+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux/2.6.32-45.101 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Mon Dec 10 18:29:35 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Mon, 10 Dec 2012 18:29:35 -0000 Subject: [ubuntu/lucid-updates] linux 2.6.32-45.101 (Accepted) Message-ID: <20121210182935.4270.80256.launchpad@ackee.canonical.com> linux (2.6.32-45.101) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1085934 [ Upstream Kernel Changes ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-03 15:35:22.774598+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux/2.6.32-45.101 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Tue Dec 11 16:26:16 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Tue, 11 Dec 2012 16:26:16 -0000 Subject: [ubuntu/lucid-security] pgbouncer 1.3.1-3ubuntu0.1 (Accepted) Message-ID: <20121211162616.19605.59473.launchpad@ackee.canonical.com> pgbouncer (1.3.1-3ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service when too long db name is provided (LP: #1083414) - debian/patches/04-CVE-2012-4575.dpatch: objects.c(add_database): fail gracefully if too long db name. Based on upstream patch. - CVE-2012-4575 Date: 2012-12-11 12:55:17.005271+00:00 Changed-By: Christian Kuersteiner Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/pgbouncer/1.3.1-3ubuntu0.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Tue Dec 11 16:58:14 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Tue, 11 Dec 2012 16:58:14 -0000 Subject: [ubuntu/lucid-updates] pgbouncer 1.3.1-3ubuntu0.1 (Accepted) Message-ID: <20121211165814.28212.93407.launchpad@ackee.canonical.com> pgbouncer (1.3.1-3ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service when too long db name is provided (LP: #1083414) - debian/patches/04-CVE-2012-4575.dpatch: objects.c(add_database): fail gracefully if too long db name. Based on upstream patch. - CVE-2012-4575 Date: 2012-12-11 12:55:17.005271+00:00 Changed-By: Christian Kuersteiner Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/pgbouncer/1.3.1-3ubuntu0.1 -------------- next part -------------- Sorry, changesfile not available. From martin.pitt at ubuntu.com Wed Dec 12 05:12:06 2012 From: martin.pitt at ubuntu.com (Martin Pitt) Date: Wed, 12 Dec 2012 05:12:06 -0000 Subject: [ubuntu/lucid-proposed] postgresql-8.4 8.4.15-0ubuntu10.04 (Accepted) Message-ID: <20121212051206.25795.41647.launchpad@gac.canonical.com> postgresql-8.4 (8.4.15-0ubuntu10.04) lucid-proposed; urgency=low * New upstream bug fix release: (LP: #1088393) - Fix multiple bugs associated with "CREATE INDEX CONCURRENTLY" Fix "CREATE INDEX CONCURRENTLY" to use in-place updates when changing the state of an index's pg_index row. This prevents race conditions that could cause concurrent sessions to miss updating the target index, thus resulting in corrupt concurrently-created indexes. Also, fix various other operations to ensure that they ignore invalid indexes resulting from a failed "CREATE INDEX CONCURRENTLY" command. The most important of these is "VACUUM", because an auto-vacuum could easily be launched on the table before corrective action can be taken to fix or remove the invalid index. - See HISTORY/changelog.gz for details about other bug fixes. Date: Mon, 10 Dec 2012 15:53:42 +0100 Changed-By: Martin Pitt Maintainer: Ubuntu Developers https://launchpad.net/ubuntu/lucid/+source/postgresql-8.4/8.4.15-0ubuntu10.04 -------------- next part -------------- Format: 1.8 Date: Mon, 10 Dec 2012 15:53:42 +0100 Source: postgresql-8.4 Binary: libpq-dev libpq5 libecpg6 libecpg-dev libecpg-compat3 libpgtypes3 postgresql-8.4 postgresql-client-8.4 postgresql-server-dev-8.4 postgresql-doc-8.4 postgresql-contrib-8.4 postgresql-plperl-8.4 postgresql-plpython-8.4 postgresql-pltcl-8.4 postgresql postgresql-client postgresql-doc postgresql-contrib Architecture: source Version: 8.4.15-0ubuntu10.04 Distribution: lucid-proposed Urgency: low Maintainer: Ubuntu Developers Changed-By: Martin Pitt Description: libecpg-compat3 - older version of run-time library for ECPG programs libecpg-dev - development files for ECPG (Embedded PostgreSQL for C) libecpg6 - run-time library for ECPG programs libpgtypes3 - shared library libpgtypes for PostgreSQL 8.4 libpq-dev - header files for libpq5 (PostgreSQL library) libpq5 - PostgreSQL C client library postgresql - object-relational SQL database (supported version) postgresql-8.4 - object-relational SQL database, version 8.4 server postgresql-client - front-end programs for PostgreSQL (supported version) postgresql-client-8.4 - front-end programs for PostgreSQL 8.4 postgresql-contrib - additional facilities for PostgreSQL (supported version) postgresql-contrib-8.4 - additional facilities for PostgreSQL postgresql-doc - documentation for the PostgreSQL database management system postgresql-doc-8.4 - documentation for the PostgreSQL database management system postgresql-plperl-8.4 - PL/Perl procedural language for PostgreSQL 8.4 postgresql-plpython-8.4 - PL/Python procedural language for PostgreSQL 8.4 postgresql-pltcl-8.4 - PL/Tcl procedural language for PostgreSQL 8.4 postgresql-server-dev-8.4 - development files for PostgreSQL 8.4 server-side programming Launchpad-Bugs-Fixed: 1088393 Changes: postgresql-8.4 (8.4.15-0ubuntu10.04) lucid-proposed; urgency=low . * New upstream bug fix release: (LP: #1088393) - Fix multiple bugs associated with "CREATE INDEX CONCURRENTLY" Fix "CREATE INDEX CONCURRENTLY" to use in-place updates when changing the state of an index's pg_index row. This prevents race conditions that could cause concurrent sessions to miss updating the target index, thus resulting in corrupt concurrently-created indexes. Also, fix various other operations to ensure that they ignore invalid indexes resulting from a failed "CREATE INDEX CONCURRENTLY" command. The most important of these is "VACUUM", because an auto-vacuum could easily be launched on the table before corrective action can be taken to fix or remove the invalid index. - See HISTORY/changelog.gz for details about other bug fixes. Checksums-Sha1: 7cd47345c8765858a19c662e3c6bc7a5f17c6c93 3328 postgresql-8.4_8.4.15-0ubuntu10.04.dsc aab1ed9b4b2631ec32789ca213cb8ebe326bcc42 18462545 postgresql-8.4_8.4.15.orig.tar.gz 0a35683c615ae8d8b63db2d55bebd32f1ec574c4 52200 postgresql-8.4_8.4.15-0ubuntu10.04.diff.gz Checksums-Sha256: 359b0723f41f2df5083511b981c3456ea63a697ad5cf094626a87774878a2e36 3328 postgresql-8.4_8.4.15-0ubuntu10.04.dsc 2e6d06096aae69be9ca6cc45ca75fad4608be3db9ee83bafa548818bfd04cc1e 18462545 postgresql-8.4_8.4.15.orig.tar.gz a866168b6f30940e290478a9efd5898da034754e0147ac0a2b1c0df74ffc5139 52200 postgresql-8.4_8.4.15-0ubuntu10.04.diff.gz Files: 0260d8ed8646f4ea8a189718df5b5c10 3328 database optional postgresql-8.4_8.4.15-0ubuntu10.04.dsc 653ba9e2cb338525473257c45d08aea2 18462545 database optional postgresql-8.4_8.4.15.orig.tar.gz 962118df1409e075232ad0458db7f987 52200 database optional postgresql-8.4_8.4.15-0ubuntu10.04.diff.gz Original-Maintainer: Martin Pitt From adconrad at 0c3.net Thu Dec 13 00:10:28 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 13 Dec 2012 00:10:28 -0000 Subject: [ubuntu/lucid-updates] linux-ec2 2.6.32-350.58 (Accepted) Message-ID: <20121213001028.19398.24585.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-350.58) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.101 * Release Tracking Bug - LP: #1086183 [ Ubuntu: 2.6.32-45.101 ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-05 15:25:11.761794+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-ec2/2.6.32-350.58 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 13 00:10:30 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 13 Dec 2012 00:10:30 -0000 Subject: [ubuntu/lucid-security] linux-ec2 2.6.32-350.58 (Accepted) Message-ID: <20121213001030.19398.38089.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-350.58) lucid-proposed; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-45.101 * Release Tracking Bug - LP: #1086183 [ Ubuntu: 2.6.32-45.101 ] * ipv6: discard overlapping fragment - LP: #1079859 - CVE-2012-4444 Date: 2012-12-05 15:25:11.761794+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-ec2/2.6.32-350.58 -------------- next part -------------- Sorry, changesfile not available. From chris.coulson at canonical.com Fri Dec 14 17:07:53 2012 From: chris.coulson at canonical.com (Chris Coulson) Date: Fri, 14 Dec 2012 17:07:53 -0000 Subject: [ubuntu/lucid-proposed] adobe-flashplugin 11.2.202.258-0lucid1 (Accepted) Message-ID: <20121214170753.25626.65435.launchpad@chaenomeles.canonical.com> adobe-flashplugin (11.2.202.258-0lucid1) lucid; urgency=low * New upstream release v11.2.202.258 Date: Fri, 14 Dec 2012 16:13:29 +0000 Changed-By: Chris Coulson Maintainer: DL-Flash Player Ubuntu https://launchpad.net/ubuntu/lucid/+source/adobe-flashplugin/11.2.202.258-0lucid1 -------------- next part -------------- Format: 1.8 Date: Fri, 14 Dec 2012 16:13:29 +0000 Source: adobe-flashplugin Binary: adobe-flashplugin adobe-flash-properties-gtk adobe-flash-properties-kde Architecture: source Version: 11.2.202.258-0lucid1 Distribution: lucid Urgency: low Maintainer: DL-Flash Player Ubuntu Changed-By: Chris Coulson Description: adobe-flash-properties-gtk - GTK+ control panel for Adobe Flash Player plugin version 11 adobe-flash-properties-kde - KDE control panel Adobe Flash Player plugin version 11 adobe-flashplugin - Adobe Flash Player plugin version 11 Changes: adobe-flashplugin (11.2.202.258-0lucid1) lucid; urgency=low . * New upstream release v11.2.202.258 Checksums-Sha1: d5c33c6836cee7d0bed119ef3a00c844fb9303e6 1731 adobe-flashplugin_11.2.202.258-0lucid1.dsc c4d018f96697df16ac8b13da24c3691a527d64e1 5188 adobe-flashplugin_11.2.202.258-0lucid1.diff.gz Checksums-Sha256: 4076182643f63ad18b78ede2fa4f40a0e9550a25213cf4c9bba4f7640486fd45 1731 adobe-flashplugin_11.2.202.258-0lucid1.dsc a943bd761f9fc18f4aae3ee87f94ae27e15894e6378ad19cf2b73718c411fd8c 5188 adobe-flashplugin_11.2.202.258-0lucid1.diff.gz Files: fc4c805c655c23bf8fcb418f59f213ac 1731 partner/web optional adobe-flashplugin_11.2.202.258-0lucid1.dsc 89c42b1cc9ff3b3166f96f0e461419f9 5188 partner/web optional adobe-flashplugin_11.2.202.258-0lucid1.diff.gz From jamie at ubuntu.com Fri Dec 14 18:09:12 2012 From: jamie at ubuntu.com (Jamie Strandboge) Date: Fri, 14 Dec 2012 18:09:12 -0000 Subject: [ubuntu/lucid] adobe-flashplugin 11.2.202.258-0lucid1 (Accepted) Message-ID: <20121214180912.13964.62903.launchpad@ackee.canonical.com> adobe-flashplugin (11.2.202.258-0lucid1) lucid; urgency=low * New upstream release v11.2.202.258 adobe-flashplugin (11.2.202.251-0quantal1) quantal; urgency=low * New upstream release v11.2.202.251 Date: 2012-12-14 17:05:14.685457+00:00 Changed-By: Chris Coulson Signed-By: Jamie Strandboge https://launchpad.net/ubuntu/lucid/+source/adobe-flashplugin/11.2.202.258-0lucid1 -------------- next part -------------- Sorry, changesfile not available. From jamie at ubuntu.com Fri Dec 14 19:24:17 2012 From: jamie at ubuntu.com (Jamie Strandboge) Date: Fri, 14 Dec 2012 19:24:17 -0000 Subject: [ubuntu/lucid-security] flashplugin-nonfree 11.2.202.258ubuntu0.10.04.1 (Accepted) Message-ID: <20121214192417.4276.67249.launchpad@ackee.canonical.com> flashplugin-nonfree (11.2.202.258ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release 11.2.202.258 - debian/{config,postinst.in}: Updated version and sha256sum. Date: 2012-12-14 16:40:33.448485+00:00 Changed-By: Chris Coulson Signed-By: Jamie Strandboge https://launchpad.net/ubuntu/lucid/+source/flashplugin-nonfree/11.2.202.258ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Fri Dec 14 19:59:14 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Fri, 14 Dec 2012 19:59:14 -0000 Subject: [ubuntu/lucid-updates] flashplugin-nonfree 11.2.202.258ubuntu0.10.04.1 (Accepted) Message-ID: <20121214195914.15214.135.launchpad@ackee.canonical.com> flashplugin-nonfree (11.2.202.258ubuntu0.10.04.1) lucid-security; urgency=low * New upstream release 11.2.202.258 - debian/{config,postinst.in}: Updated version and sha256sum. Date: 2012-12-14 16:40:33.448485+00:00 Changed-By: Chris Coulson Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/flashplugin-nonfree/11.2.202.258ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Mon Dec 17 15:50:18 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 17 Dec 2012 15:50:18 -0000 Subject: [ubuntu/lucid-security] bogofilter 1.2.1-0ubuntu1.2 (Accepted) Message-ID: <20121217155018.27727.16619.launchpad@ackee.canonical.com> bogofilter (1.2.1-0ubuntu1.2) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible arbitrary code execution via heap corruption - src/iconvert.c, src/tests/t.crash-invalid-base64, src/test/Makefile.*: properly check outbytesleft, add tests. - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6973 - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6975 - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6986 - CVE-2012-5468 Date: 2012-12-17 15:10:36.094967+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/bogofilter/1.2.1-0ubuntu1.2 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 17 16:29:16 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 17 Dec 2012 16:29:16 -0000 Subject: [ubuntu/lucid-updates] bogofilter 1.2.1-0ubuntu1.2 (Accepted) Message-ID: <20121217162916.6505.73150.launchpad@ackee.canonical.com> bogofilter (1.2.1-0ubuntu1.2) lucid-security; urgency=low * SECURITY UPDATE: denial of service and possible arbitrary code execution via heap corruption - src/iconvert.c, src/tests/t.crash-invalid-base64, src/test/Makefile.*: properly check outbytesleft, add tests. - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6973 - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6975 - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6986 - CVE-2012-5468 Date: 2012-12-17 15:10:36.094967+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/bogofilter/1.2.1-0ubuntu1.2 -------------- next part -------------- Sorry, changesfile not available. From jamie at ubuntu.com Mon Dec 17 22:36:29 2012 From: jamie at ubuntu.com (Jamie Strandboge) Date: Mon, 17 Dec 2012 22:36:29 -0000 Subject: [ubuntu/lucid-security] apport 1.13.3-0ubuntu2.2 (Accepted) Message-ID: <20121217223629.21787.71380.launchpad@ackee.canonical.com> apport (1.13.3-0ubuntu2.2) lucid-security; urgency=low * bin/apport-bug: Explicitly set the PATH to that of ENV_SUPATH in /etc/login.defs and unset ENV and CDPATH. We need do this so that confined applications which use apport-bug cannot abuse the environment to escape AppArmor confinement via this script (LP: #1045986). Date: 2012-09-05 22:10:54.704125+00:00 Changed-By: Jamie Strandboge Maintainer: Martin Pitt https://launchpad.net/ubuntu/lucid/+source/apport/1.13.3-0ubuntu2.2 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 17 23:29:16 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 17 Dec 2012 23:29:16 -0000 Subject: [ubuntu/lucid-updates] apport 1.13.3-0ubuntu2.2 (Accepted) Message-ID: <20121217232916.6102.94453.launchpad@ackee.canonical.com> apport (1.13.3-0ubuntu2.2) lucid-security; urgency=low * bin/apport-bug: Explicitly set the PATH to that of ENV_SUPATH in /etc/login.defs and unset ENV and CDPATH. We need do this so that confined applications which use apport-bug cannot abuse the environment to escape AppArmor confinement via this script (LP: #1045986). Date: 2012-09-05 22:10:54.704125+00:00 Changed-By: Jamie Strandboge Maintainer: Martin Pitt Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/apport/1.13.3-0ubuntu2.2 -------------- next part -------------- Sorry, changesfile not available. From jamie at ubuntu.com Tue Dec 18 22:42:17 2012 From: jamie at ubuntu.com (Jamie Strandboge) Date: Tue, 18 Dec 2012 22:42:17 -0000 Subject: [ubuntu/lucid-security] znc 0.078-1ubuntu0.1 (Accepted) Message-ID: <20121218224217.13446.99296.launchpad@ackee.canonical.com> znc (0.078-1ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service caused by NULL pointer dereference (LP: #1090195) - debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL pointer dereference. Based on upstream patch. - CVE-2010-2448 - CVE-2010-2488 * SECURITY UPDATE: denial of service caused by PING command without arguments (LP: #1090195) - debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly handle PING commands that have no arguments. Based on upstream patch. - CVE-2010-2812 * SECURITY UPDATE: denial of service via unknown vectors related to "unsafe substr() calls" (LP: #1090195) - debian/patches/cve-2010-2934.patch: modify IRCSock.cpp, modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to remove unsafe substr() calls. Based on upstream patch. - CVE-2010-2934 Date: 2012-12-18 13:55:11.546875+00:00 Changed-By: Thomas Ward Signed-By: Jamie Strandboge https://launchpad.net/ubuntu/lucid/+source/znc/0.078-1ubuntu0.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Tue Dec 18 23:29:14 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Tue, 18 Dec 2012 23:29:14 -0000 Subject: [ubuntu/lucid-updates] znc 0.078-1ubuntu0.1 (Accepted) Message-ID: <20121218232914.28651.71526.launchpad@ackee.canonical.com> znc (0.078-1ubuntu0.1) lucid-security; urgency=low * SECURITY UPDATE: denial of service caused by NULL pointer dereference (LP: #1090195) - debian/patches/cve-2010-2448.patch: modify znc.cpp to prevent NULL pointer dereference. Based on upstream patch. - CVE-2010-2448 - CVE-2010-2488 * SECURITY UPDATE: denial of service caused by PING command without arguments (LP: #1090195) - debian/patches/cve-2010-2812.patch: modify Client.cpp to correctly handle PING commands that have no arguments. Based on upstream patch. - CVE-2010-2812 * SECURITY UPDATE: denial of service via unknown vectors related to "unsafe substr() calls" (LP: #1090195) - debian/patches/cve-2010-2934.patch: modify IRCSock.cpp, modules/adminlog.cpp, modules/away.cpp, and modules/email.cpp to remove unsafe substr() calls. Based on upstream patch. - CVE-2010-2934 Date: 2012-12-18 13:55:11.546875+00:00 Changed-By: Thomas Ward Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/znc/0.078-1ubuntu0.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson at canonical.com Wed Dec 19 10:35:21 2012 From: cjwatson at canonical.com (Colin Watson) Date: Wed, 19 Dec 2012 10:35:21 -0000 Subject: [ubuntu/lucid-updates] postgresql-8.4 8.4.15-0ubuntu10.04 (Accepted) Message-ID: <20121219103521.4578.40451.launchpad@ackee.canonical.com> postgresql-8.4 (8.4.15-0ubuntu10.04) lucid-proposed; urgency=low * New upstream bug fix release: (LP: #1088393) - Fix multiple bugs associated with "CREATE INDEX CONCURRENTLY" Fix "CREATE INDEX CONCURRENTLY" to use in-place updates when changing the state of an index's pg_index row. This prevents race conditions that could cause concurrent sessions to miss updating the target index, thus resulting in corrupt concurrently-created indexes. Also, fix various other operations to ensure that they ignore invalid indexes resulting from a failed "CREATE INDEX CONCURRENTLY" command. The most important of these is "VACUUM", because an auto-vacuum could easily be launched on the table before corrective action can be taken to fix or remove the invalid index. - See HISTORY/changelog.gz for details about other bug fixes. Date: 2012-12-10 15:25:09.762439+00:00 Changed-By: Martin Pitt Signed-By: Colin Watson https://launchpad.net/ubuntu/lucid/+source/postgresql-8.4/8.4.15-0ubuntu10.04 -------------- next part -------------- Sorry, changesfile not available. From cjwatson at canonical.com Wed Dec 19 10:37:14 2012 From: cjwatson at canonical.com (Colin Watson) Date: Wed, 19 Dec 2012 10:37:14 -0000 Subject: [ubuntu/lucid-updates] sudo 1.7.2p1-1ubuntu5.5 (Accepted) Message-ID: <20121219103714.5609.89440.launchpad@ackee.canonical.com> sudo (1.7.2p1-1ubuntu5.5) lucid-proposed; urgency=low * toke.{cl}: avoid duplicate fclose() of the sudoers file (LP: #553786) - http://www.sudo.ws/repos/sudo/rev/164d39108dde Date: 2012-11-22 21:25:26.889558+00:00 Changed-By: Marc Deslauriers Signed-By: Colin Watson https://launchpad.net/ubuntu/lucid/+source/sudo/1.7.2p1-1ubuntu5.5 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Wed Dec 19 13:22:17 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Wed, 19 Dec 2012 13:22:17 -0000 Subject: [ubuntu/lucid-security] ffmpeg 4:0.5.9-0ubuntu0.10.04.2 (Accepted) Message-ID: <20121219132217.25584.24267.launchpad@ackee.canonical.com> ffmpeg (4:0.5.9-0ubuntu0.10.04.2) lucid-security; urgency=low * SECURITY UPDATE: security issues in decode_pic - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in libavcodec/cavsdec.c. - CVE-2012-2777 - CVE-2012-2784 * SECURITY UPDATE: out of array read in avi_read_packet function - debian/patches/CVE-2012-2788.patch: use accurate size in libavformat/avidec.c. - CVE-2012-2788 * SECURITY UPDATE: out of array writes in avs.c - debian/patches/CVE-2012-2801.patch: force dimensions in libavcodec/avs.c. - CVE-2012-2801 Date: 2012-12-18 17:55:11.499568+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/ffmpeg/4:0.5.9-0ubuntu0.10.04.2 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 19 13:58:12 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 19 Dec 2012 13:58:12 -0000 Subject: [ubuntu/lucid-updates] ffmpeg 4:0.5.9-0ubuntu0.10.04.2 (Accepted) Message-ID: <20121219135812.3480.52703.launchpad@ackee.canonical.com> ffmpeg (4:0.5.9-0ubuntu0.10.04.2) lucid-security; urgency=low * SECURITY UPDATE: security issues in decode_pic - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in libavcodec/cavsdec.c. - CVE-2012-2777 - CVE-2012-2784 * SECURITY UPDATE: out of array read in avi_read_packet function - debian/patches/CVE-2012-2788.patch: use accurate size in libavformat/avidec.c. - CVE-2012-2788 * SECURITY UPDATE: out of array writes in avs.c - debian/patches/CVE-2012-2801.patch: force dimensions in libavcodec/avs.c. - CVE-2012-2801 Date: 2012-12-18 17:55:11.499568+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/ffmpeg/4:0.5.9-0ubuntu0.10.04.2 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Wed Dec 19 14:03:14 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Wed, 19 Dec 2012 14:03:14 -0000 Subject: [ubuntu/lucid-security] dtach 0.8-2ubuntu0.10.04.1 (Accepted) Message-ID: <20121219140314.5615.262.launchpad@ackee.canonical.com> dtach (0.8-2ubuntu0.10.04.1) lucid-security; urgency=low * SECURITY-UPDATE: information disclosure on unclean disconnect (LP: #1088355) - attach.c(attach_main): Clean check of read operation. Based on upstream patch (http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812) - CVE-2012-3368 Date: 2012-12-19 13:15:16.021865+00:00 Changed-By: Christian Kuersteiner Signed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/dtach/0.8-2ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 19 14:28:13 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 19 Dec 2012 14:28:13 -0000 Subject: [ubuntu/lucid-updates] dtach 0.8-2ubuntu0.10.04.1 (Accepted) Message-ID: <20121219142813.13957.56541.launchpad@ackee.canonical.com> dtach (0.8-2ubuntu0.10.04.1) lucid-security; urgency=low * SECURITY-UPDATE: information disclosure on unclean disconnect (LP: #1088355) - attach.c(attach_main): Clean check of read operation. Based on upstream patch (http://sourceforge.net/tracker/download.php?group_id=36489&atid=417357&file_id=441195&aid=3517812) - CVE-2012-3368 Date: 2012-12-19 13:15:16.021865+00:00 Changed-By: Christian Kuersteiner Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/dtach/0.8-2ubuntu0.10.04.1 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Wed Dec 19 16:15:18 2012 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Wed, 19 Dec 2012 16:15:18 -0000 Subject: [ubuntu/lucid-security] ffmpeg-extra 4:0.5.9-0ubuntu0.10.04.2 (Accepted) Message-ID: <20121219161518.15434.12110.launchpad@ackee.canonical.com> ffmpeg-extra (4:0.5.9-0ubuntu0.10.04.2) lucid-security; urgency=low * SECURITY UPDATE: security issues in decode_pic - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in libavcodec/cavsdec.c. - CVE-2012-2777 - CVE-2012-2784 * SECURITY UPDATE: out of array read in avi_read_packet function - debian/patches/CVE-2012-2788.patch: use accurate size in libavformat/avidec.c. - CVE-2012-2788 * SECURITY UPDATE: out of array writes in avs.c - debian/patches/CVE-2012-2801.patch: force dimensions in libavcodec/avs.c. - CVE-2012-2801 Date: 2012-12-19 14:25:13.627884+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/lucid/+source/ffmpeg-extra/4:0.5.9-0ubuntu0.10.04.2 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Wed Dec 19 16:41:12 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Wed, 19 Dec 2012 16:41:12 -0000 Subject: [ubuntu/lucid-updates] linux-meta-lts-backport-oneiric 3.0.0.29.17 (Accepted) Message-ID: <20121219164112.23731.49938.launchpad@ackee.canonical.com> linux-meta-lts-backport-oneiric (3.0.0.29.17) lucid-proposed; urgency=low * linux-oneiric 3.0.0-29.46 Date: 2012-12-05 11:45:44.744904+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-meta-lts-backport-oneiric/3.0.0.29.17 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Wed Dec 19 16:41:13 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Wed, 19 Dec 2012 16:41:13 -0000 Subject: [ubuntu/lucid-security] linux-meta-lts-backport-oneiric 3.0.0.29.17 (Accepted) Message-ID: <20121219164113.23731.58144.launchpad@ackee.canonical.com> linux-meta-lts-backport-oneiric (3.0.0.29.17) lucid-proposed; urgency=low * linux-oneiric 3.0.0-29.46 Date: 2012-12-05 11:45:44.744904+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-meta-lts-backport-oneiric/3.0.0.29.17 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Wed Dec 19 16:41:25 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Wed, 19 Dec 2012 16:41:25 -0000 Subject: [ubuntu/lucid-updates] linux-lts-backport-oneiric 3.0.0-29.46~lucid1 (Accepted) Message-ID: <20121219164125.23731.12563.launchpad@ackee.canonical.com> linux-lts-backport-oneiric (3.0.0-29.46~lucid1) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1086597 [ Upstream Kernel Changes ] * ath9k: fix stale pointers potentially causing access to free'd skbs - LP: #1081645 * rt2800: validate step value for temperature compensation - LP: #1081645 * target: Don't return success from module_init() if setup fails - LP: #1081645 * cfg80211: fix antenna gain handling - LP: #1081645 * wireless: drop invalid mesh address extension frames - LP: #1081645 * mac80211: don't inspect Sequence Control field on control frames - LP: #1081645 * DRM/Radeon: Fix Load Detection on legacy primary DAC. - LP: #1081645 * mac80211: check management frame header length - LP: #1081645 * mac80211: fix SSID copy on IBSS JOIN - LP: #1081645 * nfsv3: Make v3 mounts fail with ETIMEDOUTs instead EIO on mountd timeouts - LP: #1081645 * nfs: Show original device name verbatim in /proc/*/mount{s,info} - LP: #1081645 * NFSv4: nfs4_locku_done must release the sequence id - LP: #1081645 * nfsd: add get_uint for u32's - LP: #1081645 * NFS: fix bug in legacy DNS resolver. - LP: #1081645 * NFS: Fix Oopses in nfs_lookup_revalidate and nfs4_lookup_revalidate - LP: #1081645 * drm: restore open_count if drm_setup fails - LP: #1081645 * hwmon: (w83627ehf) Force initial bank selection - LP: #1081645 * ALSA: PCM: Fix some races at disconnection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection - LP: #1081645 * ALSA: usb-audio: Use rwsem for disconnect protection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection in mixer_quirks.c - LP: #1081645 * ALSA: Add a reference counter to card instance - LP: #1081645 * ALSA: Avoid endless sleep after disconnect - LP: #1081645 * sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() - LP: #1081645 * netlink: use kfree_rcu() in netlink_release() - LP: #1081645 * tcp: fix FIONREAD/SIOCINQ - LP: #1081645 * ipv6: Set default hoplimit as zero. - LP: #1081645 * net: usb: Fix memory leak on Tx data path - LP: #1081645 * l2tp: fix oops in l2tp_eth_create() error path - LP: #1081645 * ipv6: send unsolicited neighbour advertisements to all-nodes - LP: #1081645 * futex: Handle futex_pi OWNER_DIED take over correctly - LP: #1081645 * drm/vmwgfx: Fix hibernation device reset - LP: #1081645 * drm/i915: fixup infoframe support for sdvo - LP: #1081645 * drm/i915: clear the entire sdvo infoframe buffer - LP: #1081645 * USB: mos7840: remove unused variable - LP: #1081645 * xfs: fix reading of wrapped log data - LP: #1081645 * intel-iommu: Fix AB-BA lockdep report - LP: #1081645 * ALSA: Fix card refcount unbalance - LP: #1081645 * ALSA: usb-audio: Fix mutex deadlock at disconnection - LP: #1081645 * Linux 3.0.52 - LP: #1081645 * mm: bugfix: set current->reclaim_state to NULL while returning from kswapd() - LP: #1083318 * fanotify: fix missing break - LP: #1083318 * crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption - LP: #1083318 * ALSA: hda: Cirrus: Fix coefficient index for beep configuration - LP: #1083318 * ALSA: hda - Force to reset IEC958 status bits for AD codecs - LP: #1083318, #359361 * ASoC: wm8978: pll incorrectly configured when codec is master - LP: #1083318 * ASoC: dapm: Use card_list during DAPM shutdown - LP: #1083318 * UBIFS: fix mounting problems after power cuts - LP: #1083318 * UBIFS: introduce categorized lprops counter - LP: #1083318 * s390/gup: add missing TASK_SIZE check to get_user_pages_fast() - LP: #1083318 * USB: option: add Novatel E362 and Dell Wireless 5800 USB IDs - LP: #1083318 * USB: option: add Alcatel X220/X500D USB IDs - LP: #1083318 * wireless: allow 40 MHz on world roaming channels 12/13 - LP: #1083318 * m68k: fix sigset_t accessor functions - LP: #1083318 * ipv4: avoid undefined behavior in do_ip_setsockopt() - LP: #1083318 * ipv6: setsockopt(IPIPPROTO_IPV6, IPV6_MINHOPCOUNT) forgot to set return value - LP: #1083318 * net: correct check in dev_addr_del() - LP: #1083318 * net-rps: Fix brokeness causing OOO packets - LP: #1083318 * r8169: use unlimited DMA burst for TX - LP: #1083318 * kbuild: Fix gcc -x syntax - LP: #1083318 * netfilter: Validate the sequence number of dataless ACK packets as well - LP: #1083318 * netfilter: Mark SYN/ACK packets as invalid from original direction - LP: #1083318 * netfilter: nf_nat: don't check for port change on ICMP tuples - LP: #1083318 * usb: use usb_serial_put in usb_serial_probe errors - LP: #1083318 * sky2: Fix for interrupt handler - LP: #1083318 * drm/i915: fix overlay on i830M - LP: #1083318 * NFS: Wait for session recovery to finish before returning - LP: #1083318 * reiserfs: Fix lock ordering during remount - LP: #1083318 * reiserfs: Protect reiserfs_quota_on() with write lock - LP: #1083318 * reiserfs: Move quota calls out of write lock - LP: #1083318 * reiserfs: Protect reiserfs_quota_write() with write lock - LP: #1083318 * selinux: fix sel_netnode_insert() suspicious rcu dereference - LP: #1083318 * PCI : ability to relocate assigned pci-resources - LP: #1083318 * PCI : Calculate right add_size - LP: #1083318 * Resource: fix wrong resource window calculation - LP: #1083318 * Linux 3.0.53 - LP: #1083318 * mm/hotplug: correctly add new zone to all other nodes' zone lists - LP: #1079860 - CVE-2012-5517 * Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027] - LP: #898826 linux (3.0.0-28.45) oneiric-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1078663 [ Tim Gardner ] * [Config] updateconfigs for stable updates [ Upstream Kernel Changes ] * Revert "SUNRPC: Ensure we close the socket on EPIPE errors too..." - LP: #1075332 * mn10300: only add -mmem-funcs to KBUILD_CFLAGS if gcc supports it - LP: #1067857 * kbuild: make: fix if_changed when command contains backslashes - LP: #1067857 * media: rc: ite-cir: Initialise ite_dev::rdev earlier - LP: #1067857 * ACPI: run _OSC after ACPI_FULL_INITIALIZATION - LP: #1067857 * PCI: acpiphp: check whether _ADR evaluation succeeded - LP: #1067857 * lib/gcd.c: prevent possible div by 0 - LP: #1067857 * kernel/sys.c: call disable_nonboot_cpus() in kernel_restart() - LP: #1067857 * drivers/scsi/atp870u.c: fix bad use of udelay - LP: #1067857 * workqueue: add missing smp_wmb() in process_one_work() - LP: #1067857 * xfrm: Workaround incompatibility of ESN and async crypto - LP: #1067857 * xfrm_user: return error pointer instead of NULL - LP: #1067857 * xfrm_user: return error pointer instead of NULL #2 - LP: #1067857 * xfrm: fix a read lock imbalance in make_blackhole - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_auth() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_state() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_policy() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_tmpl() - LP: #1067857 * xfrm_user: don't copy esn replay window twice for new states - LP: #1067857 * xfrm_user: ensure user supplied esn replay window is valid - LP: #1067857 * net: ethernet: davinci_cpdma: decrease the desc count when cleaning up the remaining packets - LP: #1067857 * ixp4xx_hss: fix build failure due to missing linux/module.h inclusion - LP: #1067857 * netxen: check for root bus in netxen_mask_aer_correctable - LP: #1067857 * net-sched: sch_cbq: avoid infinite loop - LP: #1067857 * pkt_sched: fix virtual-start-time update in QFQ - LP: #1067857 * sierra_net: Endianess bug fix. - LP: #1067857 * 8021q: fix mac_len recomputation in vlan_untag() - LP: #1067857 * ipv6: release reference of ip6_null_entry's dst entry in __ip6_del_rt - LP: #1067857 * tcp: flush DMA queue before sk_wait_data if rcv_wnd is zero - LP: #1067857 * sctp: Don't charge for data in sndbuf again when transmitting packet - LP: #1067857 * pppoe: drop PPPOX_ZOMBIEs in pppoe_release - LP: #1067857 * net: small bug on rxhash calculation - LP: #1067857 * net: guard tcp_set_keepalive() to tcp sockets - LP: #1067857 * ipv4: raw: fix icmp_filter() - LP: #1067857 * ipv6: raw: fix icmpv6_filter() - LP: #1067857 * ipv6: mip6: fix mip6_mh_filter() - LP: #1067857 * l2tp: fix a typo in l2tp_eth_dev_recv() - LP: #1067857 * netrom: copy_datagram_iovec can fail - LP: #1067857 * net: do not disable sg for packets requiring no checksum - LP: #1067857 * aoe: assert AoE packets marked as requiring no checksum - LP: #1067857 * tg3: Fix TSO CAP for 5704 devs w / ASF enabled - LP: #1067857 * SCSI: zfcp: Make trace record tags unique - LP: #1067857 * SCSI: zfcp: Do not wakeup while suspended - LP: #1067857 * SCSI: zfcp: remove invalid reference to list iterator variable - LP: #1067857 * SCSI: zfcp: restore refcount check on port_remove - LP: #1067857 * SCSI: zfcp: only access zfcp_scsi_dev for valid scsi_device - LP: #1067857 * PCI: Check P2P bridge for invalid secondary/subordinate range - LP: #1067857 * ext4: online defrag is not supported for journaled files - LP: #1067857 * ext4: always set i_op in ext4_mknod() - LP: #1067857 * ext4: fix fdatasync() for files with only i_size changes - LP: #1067857 * ASoC: wm9712: Fix name of Capture Switch - LP: #1067857 * mm: fix invalidate_complete_page2() lock ordering - LP: #1067857 * mm: thp: fix pmd_present for split_huge_page and PROT_NONE with THP - LP: #1067857 * ALSA: aloop - add locking to timer access - LP: #1067857 * ALSA: usb - disable broken hw volume for Tenx TP6911 - LP: #1067857, #559939 * ALSA: USB: Support for (original) Xbox Communicator - LP: #1067857 * drm/radeon: only adjust default clocks on NI GPUs - LP: #1067857 * drm/radeon: Add MSI quirk for gateway RS690 - LP: #1067857 * drm/radeon: force MSIs on RS690 asics - LP: #1067857 * rcu: Fix day-one dyntick-idle stall-warning bug - LP: #1067857 * r8169: fix wake on lan setting for non-8111E. - LP: #1067857 * r8169: don't enable rx when shutdown. - LP: #1067857 * r8169: remove erroneous processing of always set bit. - LP: #1067857 * r8169: jumbo fixes. - LP: #1067857 * r8169: expand received packet length indication. - LP: #1067857 * r8169: increase the delay parameter of pm_schedule_suspend - LP: #1067857 * r8169: Rx FIFO overflow fixes. - LP: #1067857 * r8169: fix Config2 MSIEnable bit setting. - LP: #1067857 * r8169: missing barriers. - LP: #1067857 * r8169: runtime resume before shutdown. - LP: #1067857 * r8169: Config1 is read-only on 8168c and later. - LP: #1067857 * r8169: 8168c and later require bit 0x20 to be set in Config2 for PME signaling. - LP: #1067857 * r8169: fix unsigned int wraparound with TSO - LP: #1067857 * r8169: call netif_napi_del at errpaths and at driver unload - LP: #1067857 * revert "mm: mempolicy: Let vma_merge and vma_split handle vma->vm_policy linkages" - LP: #1067857 * mempolicy: remove mempolicy sharing - LP: #1067857 * mempolicy: fix a race in shared_policy_replace() - LP: #1067857 * mempolicy: fix refcount leak in mpol_set_shared_policy() - LP: #1067857 * mempolicy: fix a memory corruption by refcount imbalance in alloc_pages_vma() - LP: #1067857 * CPU hotplug, cpusets, suspend: Don't modify cpusets during suspend/resume - LP: #1067857 * mtd: autcpu12-nvram: Fix compile breakage - LP: #1067857 * mtd: nandsim: bugfix: fail if overridesize is too big - LP: #1067857 * mtd: nand: Use the mirror BBT descriptor when reading its version - LP: #1067857 * mtd: omap2: fix omap_nand_remove segfault - LP: #1067857 * mtd: omap2: fix module loading - LP: #1067857 * Linux 3.0.46 - LP: #1067857 * eCryptfs: check for eCryptfs cipher support at mount - LP: #338914 * ARM: vfp: fix saving d16-d31 vfp registers on v6+ kernels - LP: #1069914 * lockd: use rpc client's cl_nodename for id encoding - LP: #1069914 * ACPI: EC: Make the GPE storm threshold a module parameter - LP: #1069914 * ACPI: EC: Add a quirk for CLEVO M720T/M730T laptop - LP: #1069914 * mips,kgdb: fix recursive page fault with CONFIG_KPROBES - LP: #1069914 * tmpfs,ceph,gfs2,isofs,reiserfs,xfs: fix fh_len checking - LP: #1069914 * ARM: 7541/1: Add ARM ERRATA 775420 workaround - LP: #1069914 * firewire: cdev: fix user memory corruption (i386 userland on amd64 kernel) - LP: #1069914 * SUNRPC: Ensure that the TCP socket is closed when in CLOSE_WAIT - LP: #1069914 * xen/bootup: allow {read|write}_cr8 pvops call. - LP: #1069914 * xen/bootup: allow read_tscp call for Xen PV guests. - LP: #1069914 * autofs4 - fix reset pending flag on mount fail - LP: #1069914 * module: taint kernel when lve module is loaded - LP: #1069914 * video/udlfb: fix line counting in fb_write - LP: #1069914 * viafb: don't touch clock state on OLPC XO-1.5 - LP: #1069914 * timers: Fix endless looping between cascade() and internal_add_timer() - LP: #1069914 * pktgen: fix crash when generating IPv6 packets - LP: #1069914 * tg3: Apply short DMA frag workaround to 5906 - LP: #1069914 * ipvs: fix oops in ip_vs_dst_event on rmmod - LP: #1069914 * netfilter: nf_conntrack: fix racy timer handling with reliable events - LP: #1069914 * netfilter: nf_ct_ipv4: packets with wrong ihl are invalid - LP: #1069914 * netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation - LP: #1069914 * ipvs: fix oops on NAT reply in br_nf context - LP: #1069914 * netfilter: nf_nat_sip: fix via header translation with multiple parameters - LP: #1069914 * netfilter: nf_ct_expect: fix possible access to uninitialized timer - LP: #1069914 * netfilter: limit, hashlimit: avoid duplicated inline - LP: #1069914 * netfilter: xt_limit: have r->cost != 0 case work - LP: #1069914 * Add CDC-ACM support for the CX93010-2x UCMxx USB Modem - LP: #1069914 * drm/radeon: Don't destroy I2C Bus Rec in radeon_ext_tmds_enc_destroy(). - LP: #1069914 * jbd: Fix assertion failure in commit code due to lacking transaction credits - LP: #1069914 * x86, random: Architectural inlines to get random integers with RDRAND - LP: #1069914 * x86, random: Verify RDRAND functionality and allow it to be disabled - LP: #1069914 * tpm: Propagate error from tpm_transmit to fix a timeout hang - LP: #1069914 * udf: fix retun value on error path in udf_load_logicalvol - LP: #1069914 * ALSA: ac97 - Fix missing NULL check in snd_ac97_cvol_new() - LP: #1069914 * ALSA: emu10k1: add chip details for E-mu 1010 PCIe card - LP: #1069914 * Linux 3.0.47 - LP: #1069914 * Linux 3.0.48 - LP: #1069939 * drm/i915: apply timing generator bug workaround on CPT and PPT - LP: #1041315 * arch/tile: avoid generating .eh_frame information in modules - LP: #1075329 * NLM: nlm_lookup_file() may return NLMv4-specific error codes - LP: #1075329 * oprofile, x86: Fix wrapping bug in op_x86_get_ctrl() - LP: #1075329 * SUNRPC: Prevent kernel stack corruption on long values of flush - LP: #1075329 * Revert: lockd: use rpc client's cl_nodename for id encoding - LP: #1075329 * pcmcia: sharpsl: don't discard sharpsl_pcmcia_ops - LP: #1075329 * kernel/sys.c: fix stack memory content leak via UNAME26 - LP: #1075329 - CVE-2012-0957 * use clamp_t in UNAME26 fix - LP: #1075329 * x86: Exclude E820_RESERVED regions and memory holes above 4 GB from direct mapping. - LP: #1075329 * xen/x86: don't corrupt %eip when returning from a signal handler - LP: #1075329 * USB: cdc-acm: fix pipe type of write endpoint - LP: #1075329 * usb: acm: fix the computation of the number of data bits - LP: #1075329 * USB: option: blacklist net interface on ZTE devices - LP: #1075329 * USB: option: add more ZTE devices - LP: #1075329 * cgroup: notify_on_release may not be triggered in some cases - LP: #1075329 * amd64_edac:__amd64_set_scrub_rate(): avoid overindexing scrubrates[] - LP: #1075329 * media: au0828: fix case where STREAMOFF being called on stopped stream causes BUG() - LP: #1075329 * net: Fix skb_under_panic oops in neigh_resolve_output - LP: #1075329 * skge: Add DMA mask quirk for Marvell 88E8001 on ASUS P5NSLI motherboard - LP: #1075329 * RDS: fix rds-ping spinlock recursion - LP: #1075329 * tcp: resets are misrouted - LP: #1075329 * sparc64: fix ptrace interaction with force_successful_syscall_return() - LP: #1075329 * sparc64: Like x86 we should check current->mm during perf backtrace generation. - LP: #1075329 * sparc64: Fix bit twiddling in sparc_pmu_enable_event(). - LP: #1075329 * sparc64: do not clobber personality flags in sys_sparc64_personality() - LP: #1075329 * sparc64: Be less verbose during vmemmap population. - LP: #1075329 * xHCI: add cmd_ring_state - LP: #1075329 * xHCI: add aborting command ring function - LP: #1075329 * xHCI: cancel command after command timeout - LP: #1075329 * xHCI: handle command after aborting the command ring - LP: #1075329 * Linux 3.0.49 - LP: #1075329 * gen_init_cpio: avoid stack overflow when expanding - LP: #1075332 * fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check - LP: #1075332 * drivers/rtc/rtc-imxdi.c: add missing spin lock initialization - LP: #1075332 * genalloc: stop crashing the system when destroying a pool - LP: #1075332 * ARM: 7559/1: smp: switch away from the idmap before updating init_mm.mm_count - LP: #1075332 * SUNRPC: Get rid of the xs_error_report socket callback - LP: #1075332 * SUNRPC: Clear the connect flag when socket state is TCP_CLOSE_WAIT - LP: #1075332 * SUNRPC: Prevent races in xs_abort_connection() - LP: #1075332 * sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat() - LP: #1075332 * ehci: fix Lucid nohandoff pci quirk to be more generic with BIOS versions - LP: #1075332 * ehci: Add yet-another Lucid nohandoff pci quirk - LP: #1075332 * usb-storage: add unusual_devs entry for Casio EX-N1 digital camera - LP: #1075332 * usb hub: send clear_tt_buffer_complete events when canceling TT clear work - LP: #1075332 * USB: whiteheat: fix memory leak in error path - LP: #1075332 * USB: opticon: fix DMA from stack - LP: #1075332 * USB: opticon: fix memory leak in error path - LP: #1075332 * USB: serial: Fix memory leak in sierra_release() - LP: #1075332 * USB: sierra: fix memory leak in attach error path - LP: #1075332 * USB: sierra: fix memory leak in probe error path - LP: #1075332 * USB: mos7840: fix urb leak at release - LP: #1075332 * USB: mos7840: fix port-device leak in error path - LP: #1075332 * USB: mos7840: remove NULL-urb submission - LP: #1075332 * USB: mos7840: remove invalid disconnect handling - LP: #1075332 * xhci: Fix potential NULL ptr deref in command cancellation. - LP: #1075332 * vhost: fix mergeable bufs on BE hosts - LP: #1075332 * ARM: at91/i2c: change id to let i2c-gpio work - LP: #1075332 * mac80211: check if key has TKIP type before updating IV - LP: #1075332 * bcma: fix unregistration of cores - LP: #1075332 * cpufreq / powernow-k8: Remove usage of smp_processor_id() in preemptible code - LP: #1075332 * x86, mm: Find_early_table_space based on ranges that are actually being mapped - LP: #1075332 * x86, mm: Undo incorrect revert in arch/x86/mm/init.c - LP: #1075332 * staging: comedi: amplc_pc236: fix invalid register access during detach - LP: #1075332 * drm/i915: no lvds quirk for Zotac ZDBOX SD ID12/ID13 - LP: #1075332 * Linux 3.0.50 - LP: #1075332 * floppy: do put_disk on current dr if blk_init_queue fails - LP: #1075335 * x86: Remove the ancient and deprecated disable_hlt() and enable_hlt() facility - LP: #1075335 * mm: fix XFS oops due to dirty pages without buffers on s390 - LP: #1075335 * drm/nouveau: silence modesetting spam on pre-gf8 chipsets - LP: #1075335 * Linux 3.0.51 - LP: #1075335 * net: fix divide by zero in tcp algorithm illinois - LP: #1077091 - CVE-2012-4565 Date: 2012-12-05 11:45:20.212235+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-lts-backport-oneiric/3.0.0-29.46~lucid1 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Wed Dec 19 16:41:31 2012 From: adconrad at 0c3.net (Adam Conrad) Date: Wed, 19 Dec 2012 16:41:31 -0000 Subject: [ubuntu/lucid-security] linux-lts-backport-oneiric 3.0.0-29.46~lucid1 (Accepted) Message-ID: <20121219164131.23731.5248.launchpad@ackee.canonical.com> linux-lts-backport-oneiric (3.0.0-29.46~lucid1) lucid-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1086597 [ Upstream Kernel Changes ] * ath9k: fix stale pointers potentially causing access to free'd skbs - LP: #1081645 * rt2800: validate step value for temperature compensation - LP: #1081645 * target: Don't return success from module_init() if setup fails - LP: #1081645 * cfg80211: fix antenna gain handling - LP: #1081645 * wireless: drop invalid mesh address extension frames - LP: #1081645 * mac80211: don't inspect Sequence Control field on control frames - LP: #1081645 * DRM/Radeon: Fix Load Detection on legacy primary DAC. - LP: #1081645 * mac80211: check management frame header length - LP: #1081645 * mac80211: fix SSID copy on IBSS JOIN - LP: #1081645 * nfsv3: Make v3 mounts fail with ETIMEDOUTs instead EIO on mountd timeouts - LP: #1081645 * nfs: Show original device name verbatim in /proc/*/mount{s,info} - LP: #1081645 * NFSv4: nfs4_locku_done must release the sequence id - LP: #1081645 * nfsd: add get_uint for u32's - LP: #1081645 * NFS: fix bug in legacy DNS resolver. - LP: #1081645 * NFS: Fix Oopses in nfs_lookup_revalidate and nfs4_lookup_revalidate - LP: #1081645 * drm: restore open_count if drm_setup fails - LP: #1081645 * hwmon: (w83627ehf) Force initial bank selection - LP: #1081645 * ALSA: PCM: Fix some races at disconnection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection - LP: #1081645 * ALSA: usb-audio: Use rwsem for disconnect protection - LP: #1081645 * ALSA: usb-audio: Fix races at disconnection in mixer_quirks.c - LP: #1081645 * ALSA: Add a reference counter to card instance - LP: #1081645 * ALSA: Avoid endless sleep after disconnect - LP: #1081645 * sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter() - LP: #1081645 * netlink: use kfree_rcu() in netlink_release() - LP: #1081645 * tcp: fix FIONREAD/SIOCINQ - LP: #1081645 * ipv6: Set default hoplimit as zero. - LP: #1081645 * net: usb: Fix memory leak on Tx data path - LP: #1081645 * l2tp: fix oops in l2tp_eth_create() error path - LP: #1081645 * ipv6: send unsolicited neighbour advertisements to all-nodes - LP: #1081645 * futex: Handle futex_pi OWNER_DIED take over correctly - LP: #1081645 * drm/vmwgfx: Fix hibernation device reset - LP: #1081645 * drm/i915: fixup infoframe support for sdvo - LP: #1081645 * drm/i915: clear the entire sdvo infoframe buffer - LP: #1081645 * USB: mos7840: remove unused variable - LP: #1081645 * xfs: fix reading of wrapped log data - LP: #1081645 * intel-iommu: Fix AB-BA lockdep report - LP: #1081645 * ALSA: Fix card refcount unbalance - LP: #1081645 * ALSA: usb-audio: Fix mutex deadlock at disconnection - LP: #1081645 * Linux 3.0.52 - LP: #1081645 * mm: bugfix: set current->reclaim_state to NULL while returning from kswapd() - LP: #1083318 * fanotify: fix missing break - LP: #1083318 * crypto: cryptd - disable softirqs in cryptd_queue_worker to prevent data corruption - LP: #1083318 * ALSA: hda: Cirrus: Fix coefficient index for beep configuration - LP: #1083318 * ALSA: hda - Force to reset IEC958 status bits for AD codecs - LP: #1083318, #359361 * ASoC: wm8978: pll incorrectly configured when codec is master - LP: #1083318 * ASoC: dapm: Use card_list during DAPM shutdown - LP: #1083318 * UBIFS: fix mounting problems after power cuts - LP: #1083318 * UBIFS: introduce categorized lprops counter - LP: #1083318 * s390/gup: add missing TASK_SIZE check to get_user_pages_fast() - LP: #1083318 * USB: option: add Novatel E362 and Dell Wireless 5800 USB IDs - LP: #1083318 * USB: option: add Alcatel X220/X500D USB IDs - LP: #1083318 * wireless: allow 40 MHz on world roaming channels 12/13 - LP: #1083318 * m68k: fix sigset_t accessor functions - LP: #1083318 * ipv4: avoid undefined behavior in do_ip_setsockopt() - LP: #1083318 * ipv6: setsockopt(IPIPPROTO_IPV6, IPV6_MINHOPCOUNT) forgot to set return value - LP: #1083318 * net: correct check in dev_addr_del() - LP: #1083318 * net-rps: Fix brokeness causing OOO packets - LP: #1083318 * r8169: use unlimited DMA burst for TX - LP: #1083318 * kbuild: Fix gcc -x syntax - LP: #1083318 * netfilter: Validate the sequence number of dataless ACK packets as well - LP: #1083318 * netfilter: Mark SYN/ACK packets as invalid from original direction - LP: #1083318 * netfilter: nf_nat: don't check for port change on ICMP tuples - LP: #1083318 * usb: use usb_serial_put in usb_serial_probe errors - LP: #1083318 * sky2: Fix for interrupt handler - LP: #1083318 * drm/i915: fix overlay on i830M - LP: #1083318 * NFS: Wait for session recovery to finish before returning - LP: #1083318 * reiserfs: Fix lock ordering during remount - LP: #1083318 * reiserfs: Protect reiserfs_quota_on() with write lock - LP: #1083318 * reiserfs: Move quota calls out of write lock - LP: #1083318 * reiserfs: Protect reiserfs_quota_write() with write lock - LP: #1083318 * selinux: fix sel_netnode_insert() suspicious rcu dereference - LP: #1083318 * PCI : ability to relocate assigned pci-resources - LP: #1083318 * PCI : Calculate right add_size - LP: #1083318 * Resource: fix wrong resource window calculation - LP: #1083318 * Linux 3.0.53 - LP: #1083318 * mm/hotplug: correctly add new zone to all other nodes' zone lists - LP: #1079860 - CVE-2012-5517 * Bluetooth: ath3k: Add support for VAIO VPCEH [0489:e027] - LP: #898826 linux (3.0.0-28.45) oneiric-proposed; urgency=low [Luis Henriques] * Release Tracking Bug - LP: #1078663 [ Tim Gardner ] * [Config] updateconfigs for stable updates [ Upstream Kernel Changes ] * Revert "SUNRPC: Ensure we close the socket on EPIPE errors too..." - LP: #1075332 * mn10300: only add -mmem-funcs to KBUILD_CFLAGS if gcc supports it - LP: #1067857 * kbuild: make: fix if_changed when command contains backslashes - LP: #1067857 * media: rc: ite-cir: Initialise ite_dev::rdev earlier - LP: #1067857 * ACPI: run _OSC after ACPI_FULL_INITIALIZATION - LP: #1067857 * PCI: acpiphp: check whether _ADR evaluation succeeded - LP: #1067857 * lib/gcd.c: prevent possible div by 0 - LP: #1067857 * kernel/sys.c: call disable_nonboot_cpus() in kernel_restart() - LP: #1067857 * drivers/scsi/atp870u.c: fix bad use of udelay - LP: #1067857 * workqueue: add missing smp_wmb() in process_one_work() - LP: #1067857 * xfrm: Workaround incompatibility of ESN and async crypto - LP: #1067857 * xfrm_user: return error pointer instead of NULL - LP: #1067857 * xfrm_user: return error pointer instead of NULL #2 - LP: #1067857 * xfrm: fix a read lock imbalance in make_blackhole - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_auth() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_state() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_policy() - LP: #1067857 * xfrm_user: fix info leak in copy_to_user_tmpl() - LP: #1067857 * xfrm_user: don't copy esn replay window twice for new states - LP: #1067857 * xfrm_user: ensure user supplied esn replay window is valid - LP: #1067857 * net: ethernet: davinci_cpdma: decrease the desc count when cleaning up the remaining packets - LP: #1067857 * ixp4xx_hss: fix build failure due to missing linux/module.h inclusion - LP: #1067857 * netxen: check for root bus in netxen_mask_aer_correctable - LP: #1067857 * net-sched: sch_cbq: avoid infinite loop - LP: #1067857 * pkt_sched: fix virtual-start-time update in QFQ - LP: #1067857 * sierra_net: Endianess bug fix. - LP: #1067857 * 8021q: fix mac_len recomputation in vlan_untag() - LP: #1067857 * ipv6: release reference of ip6_null_entry's dst entry in __ip6_del_rt - LP: #1067857 * tcp: flush DMA queue before sk_wait_data if rcv_wnd is zero - LP: #1067857 * sctp: Don't charge for data in sndbuf again when transmitting packet - LP: #1067857 * pppoe: drop PPPOX_ZOMBIEs in pppoe_release - LP: #1067857 * net: small bug on rxhash calculation - LP: #1067857 * net: guard tcp_set_keepalive() to tcp sockets - LP: #1067857 * ipv4: raw: fix icmp_filter() - LP: #1067857 * ipv6: raw: fix icmpv6_filter() - LP: #1067857 * ipv6: mip6: fix mip6_mh_filter() - LP: #1067857 * l2tp: fix a typo in l2tp_eth_dev_recv() - LP: #1067857 * netrom: copy_datagram_iovec can fail - LP: #1067857 * net: do not disable sg for packets requiring no checksum - LP: #1067857 * aoe: assert AoE packets marked as requiring no checksum - LP: #1067857 * tg3: Fix TSO CAP for 5704 devs w / ASF enabled - LP: #1067857 * SCSI: zfcp: Make trace record tags unique - LP: #1067857 * SCSI: zfcp: Do not wakeup while suspended - LP: #1067857 * SCSI: zfcp: remove invalid reference to list iterator variable - LP: #1067857 * SCSI: zfcp: restore refcount check on port_remove - LP: #1067857 * SCSI: zfcp: only access zfcp_scsi_dev for valid scsi_device - LP: #1067857 * PCI: Check P2P bridge for invalid secondary/subordinate range - LP: #1067857 * ext4: online defrag is not supported for journaled files - LP: #1067857 * ext4: always set i_op in ext4_mknod() - LP: #1067857 * ext4: fix fdatasync() for files with only i_size changes - LP: #1067857 * ASoC: wm9712: Fix name of Capture Switch - LP: #1067857 * mm: fix invalidate_complete_page2() lock ordering - LP: #1067857 * mm: thp: fix pmd_present for split_huge_page and PROT_NONE with THP - LP: #1067857 * ALSA: aloop - add locking to timer access - LP: #1067857 * ALSA: usb - disable broken hw volume for Tenx TP6911 - LP: #1067857, #559939 * ALSA: USB: Support for (original) Xbox Communicator - LP: #1067857 * drm/radeon: only adjust default clocks on NI GPUs - LP: #1067857 * drm/radeon: Add MSI quirk for gateway RS690 - LP: #1067857 * drm/radeon: force MSIs on RS690 asics - LP: #1067857 * rcu: Fix day-one dyntick-idle stall-warning bug - LP: #1067857 * r8169: fix wake on lan setting for non-8111E. - LP: #1067857 * r8169: don't enable rx when shutdown. - LP: #1067857 * r8169: remove erroneous processing of always set bit. - LP: #1067857 * r8169: jumbo fixes. - LP: #1067857 * r8169: expand received packet length indication. - LP: #1067857 * r8169: increase the delay parameter of pm_schedule_suspend - LP: #1067857 * r8169: Rx FIFO overflow fixes. - LP: #1067857 * r8169: fix Config2 MSIEnable bit setting. - LP: #1067857 * r8169: missing barriers. - LP: #1067857 * r8169: runtime resume before shutdown. - LP: #1067857 * r8169: Config1 is read-only on 8168c and later. - LP: #1067857 * r8169: 8168c and later require bit 0x20 to be set in Config2 for PME signaling. - LP: #1067857 * r8169: fix unsigned int wraparound with TSO - LP: #1067857 * r8169: call netif_napi_del at errpaths and at driver unload - LP: #1067857 * revert "mm: mempolicy: Let vma_merge and vma_split handle vma->vm_policy linkages" - LP: #1067857 * mempolicy: remove mempolicy sharing - LP: #1067857 * mempolicy: fix a race in shared_policy_replace() - LP: #1067857 * mempolicy: fix refcount leak in mpol_set_shared_policy() - LP: #1067857 * mempolicy: fix a memory corruption by refcount imbalance in alloc_pages_vma() - LP: #1067857 * CPU hotplug, cpusets, suspend: Don't modify cpusets during suspend/resume - LP: #1067857 * mtd: autcpu12-nvram: Fix compile breakage - LP: #1067857 * mtd: nandsim: bugfix: fail if overridesize is too big - LP: #1067857 * mtd: nand: Use the mirror BBT descriptor when reading its version - LP: #1067857 * mtd: omap2: fix omap_nand_remove segfault - LP: #1067857 * mtd: omap2: fix module loading - LP: #1067857 * Linux 3.0.46 - LP: #1067857 * eCryptfs: check for eCryptfs cipher support at mount - LP: #338914 * ARM: vfp: fix saving d16-d31 vfp registers on v6+ kernels - LP: #1069914 * lockd: use rpc client's cl_nodename for id encoding - LP: #1069914 * ACPI: EC: Make the GPE storm threshold a module parameter - LP: #1069914 * ACPI: EC: Add a quirk for CLEVO M720T/M730T laptop - LP: #1069914 * mips,kgdb: fix recursive page fault with CONFIG_KPROBES - LP: #1069914 * tmpfs,ceph,gfs2,isofs,reiserfs,xfs: fix fh_len checking - LP: #1069914 * ARM: 7541/1: Add ARM ERRATA 775420 workaround - LP: #1069914 * firewire: cdev: fix user memory corruption (i386 userland on amd64 kernel) - LP: #1069914 * SUNRPC: Ensure that the TCP socket is closed when in CLOSE_WAIT - LP: #1069914 * xen/bootup: allow {read|write}_cr8 pvops call. - LP: #1069914 * xen/bootup: allow read_tscp call for Xen PV guests. - LP: #1069914 * autofs4 - fix reset pending flag on mount fail - LP: #1069914 * module: taint kernel when lve module is loaded - LP: #1069914 * video/udlfb: fix line counting in fb_write - LP: #1069914 * viafb: don't touch clock state on OLPC XO-1.5 - LP: #1069914 * timers: Fix endless looping between cascade() and internal_add_timer() - LP: #1069914 * pktgen: fix crash when generating IPv6 packets - LP: #1069914 * tg3: Apply short DMA frag workaround to 5906 - LP: #1069914 * ipvs: fix oops in ip_vs_dst_event on rmmod - LP: #1069914 * netfilter: nf_conntrack: fix racy timer handling with reliable events - LP: #1069914 * netfilter: nf_ct_ipv4: packets with wrong ihl are invalid - LP: #1069914 * netfilter: nf_nat_sip: fix incorrect handling of EBUSY for RTCP expectation - LP: #1069914 * ipvs: fix oops on NAT reply in br_nf context - LP: #1069914 * netfilter: nf_nat_sip: fix via header translation with multiple parameters - LP: #1069914 * netfilter: nf_ct_expect: fix possible access to uninitialized timer - LP: #1069914 * netfilter: limit, hashlimit: avoid duplicated inline - LP: #1069914 * netfilter: xt_limit: have r->cost != 0 case work - LP: #1069914 * Add CDC-ACM support for the CX93010-2x UCMxx USB Modem - LP: #1069914 * drm/radeon: Don't destroy I2C Bus Rec in radeon_ext_tmds_enc_destroy(). - LP: #1069914 * jbd: Fix assertion failure in commit code due to lacking transaction credits - LP: #1069914 * x86, random: Architectural inlines to get random integers with RDRAND - LP: #1069914 * x86, random: Verify RDRAND functionality and allow it to be disabled - LP: #1069914 * tpm: Propagate error from tpm_transmit to fix a timeout hang - LP: #1069914 * udf: fix retun value on error path in udf_load_logicalvol - LP: #1069914 * ALSA: ac97 - Fix missing NULL check in snd_ac97_cvol_new() - LP: #1069914 * ALSA: emu10k1: add chip details for E-mu 1010 PCIe card - LP: #1069914 * Linux 3.0.47 - LP: #1069914 * Linux 3.0.48 - LP: #1069939 * drm/i915: apply timing generator bug workaround on CPT and PPT - LP: #1041315 * arch/tile: avoid generating .eh_frame information in modules - LP: #1075329 * NLM: nlm_lookup_file() may return NLMv4-specific error codes - LP: #1075329 * oprofile, x86: Fix wrapping bug in op_x86_get_ctrl() - LP: #1075329 * SUNRPC: Prevent kernel stack corruption on long values of flush - LP: #1075329 * Revert: lockd: use rpc client's cl_nodename for id encoding - LP: #1075329 * pcmcia: sharpsl: don't discard sharpsl_pcmcia_ops - LP: #1075329 * kernel/sys.c: fix stack memory content leak via UNAME26 - LP: #1075329 - CVE-2012-0957 * use clamp_t in UNAME26 fix - LP: #1075329 * x86: Exclude E820_RESERVED regions and memory holes above 4 GB from direct mapping. - LP: #1075329 * xen/x86: don't corrupt %eip when returning from a signal handler - LP: #1075329 * USB: cdc-acm: fix pipe type of write endpoint - LP: #1075329 * usb: acm: fix the computation of the number of data bits - LP: #1075329 * USB: option: blacklist net interface on ZTE devices - LP: #1075329 * USB: option: add more ZTE devices - LP: #1075329 * cgroup: notify_on_release may not be triggered in some cases - LP: #1075329 * amd64_edac:__amd64_set_scrub_rate(): avoid overindexing scrubrates[] - LP: #1075329 * media: au0828: fix case where STREAMOFF being called on stopped stream causes BUG() - LP: #1075329 * net: Fix skb_under_panic oops in neigh_resolve_output - LP: #1075329 * skge: Add DMA mask quirk for Marvell 88E8001 on ASUS P5NSLI motherboard - LP: #1075329 * RDS: fix rds-ping spinlock recursion - LP: #1075329 * tcp: resets are misrouted - LP: #1075329 * sparc64: fix ptrace interaction with force_successful_syscall_return() - LP: #1075329 * sparc64: Like x86 we should check current->mm during perf backtrace generation. - LP: #1075329 * sparc64: Fix bit twiddling in sparc_pmu_enable_event(). - LP: #1075329 * sparc64: do not clobber personality flags in sys_sparc64_personality() - LP: #1075329 * sparc64: Be less verbose during vmemmap population. - LP: #1075329 * xHCI: add cmd_ring_state - LP: #1075329 * xHCI: add aborting command ring function - LP: #1075329 * xHCI: cancel command after command timeout - LP: #1075329 * xHCI: handle command after aborting the command ring - LP: #1075329 * Linux 3.0.49 - LP: #1075329 * gen_init_cpio: avoid stack overflow when expanding - LP: #1075332 * fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check - LP: #1075332 * drivers/rtc/rtc-imxdi.c: add missing spin lock initialization - LP: #1075332 * genalloc: stop crashing the system when destroying a pool - LP: #1075332 * ARM: 7559/1: smp: switch away from the idmap before updating init_mm.mm_count - LP: #1075332 * SUNRPC: Get rid of the xs_error_report socket callback - LP: #1075332 * SUNRPC: Clear the connect flag when socket state is TCP_CLOSE_WAIT - LP: #1075332 * SUNRPC: Prevent races in xs_abort_connection() - LP: #1075332 * sysfs: sysfs_pathname/sysfs_add_one: Use strlcat() instead of strcat() - LP: #1075332 * ehci: fix Lucid nohandoff pci quirk to be more generic with BIOS versions - LP: #1075332 * ehci: Add yet-another Lucid nohandoff pci quirk - LP: #1075332 * usb-storage: add unusual_devs entry for Casio EX-N1 digital camera - LP: #1075332 * usb hub: send clear_tt_buffer_complete events when canceling TT clear work - LP: #1075332 * USB: whiteheat: fix memory leak in error path - LP: #1075332 * USB: opticon: fix DMA from stack - LP: #1075332 * USB: opticon: fix memory leak in error path - LP: #1075332 * USB: serial: Fix memory leak in sierra_release() - LP: #1075332 * USB: sierra: fix memory leak in attach error path - LP: #1075332 * USB: sierra: fix memory leak in probe error path - LP: #1075332 * USB: mos7840: fix urb leak at release - LP: #1075332 * USB: mos7840: fix port-device leak in error path - LP: #1075332 * USB: mos7840: remove NULL-urb submission - LP: #1075332 * USB: mos7840: remove invalid disconnect handling - LP: #1075332 * xhci: Fix potential NULL ptr deref in command cancellation. - LP: #1075332 * vhost: fix mergeable bufs on BE hosts - LP: #1075332 * ARM: at91/i2c: change id to let i2c-gpio work - LP: #1075332 * mac80211: check if key has TKIP type before updating IV - LP: #1075332 * bcma: fix unregistration of cores - LP: #1075332 * cpufreq / powernow-k8: Remove usage of smp_processor_id() in preemptible code - LP: #1075332 * x86, mm: Find_early_table_space based on ranges that are actually being mapped - LP: #1075332 * x86, mm: Undo incorrect revert in arch/x86/mm/init.c - LP: #1075332 * staging: comedi: amplc_pc236: fix invalid register access during detach - LP: #1075332 * drm/i915: no lvds quirk for Zotac ZDBOX SD ID12/ID13 - LP: #1075332 * Linux 3.0.50 - LP: #1075332 * floppy: do put_disk on current dr if blk_init_queue fails - LP: #1075335 * x86: Remove the ancient and deprecated disable_hlt() and enable_hlt() facility - LP: #1075335 * mm: fix XFS oops due to dirty pages without buffers on s390 - LP: #1075335 * drm/nouveau: silence modesetting spam on pre-gf8 chipsets - LP: #1075335 * Linux 3.0.51 - LP: #1075335 * net: fix divide by zero in tcp algorithm illinois - LP: #1077091 - CVE-2012-4565 Date: 2012-12-05 11:45:20.212235+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/lucid/+source/linux-lts-backport-oneiric/3.0.0-29.46~lucid1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 19 16:59:13 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 19 Dec 2012 16:59:13 -0000 Subject: [ubuntu/lucid-updates] ffmpeg-extra 4:0.5.9-0ubuntu0.10.04.2 (Accepted) Message-ID: <20121219165913.29655.4047.launchpad@ackee.canonical.com> ffmpeg-extra (4:0.5.9-0ubuntu0.10.04.2) lucid-security; urgency=low * SECURITY UPDATE: security issues in decode_pic - debian/patches/CVE-2012-2777-2784.patch: prevent changing w/h in libavcodec/cavsdec.c. - CVE-2012-2777 - CVE-2012-2784 * SECURITY UPDATE: out of array read in avi_read_packet function - debian/patches/CVE-2012-2788.patch: use accurate size in libavformat/avidec.c. - CVE-2012-2788 * SECURITY UPDATE: out of array writes in avs.c - debian/patches/CVE-2012-2801.patch: force dimensions in libavcodec/avs.c. - CVE-2012-2801 Date: 2012-12-19 14:25:13.627884+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/ffmpeg-extra/4:0.5.9-0ubuntu0.10.04.2 -------------- next part -------------- Sorry, changesfile not available. From ubuntu at kitterman.com Wed Dec 26 03:44:20 2012 From: ubuntu at kitterman.com (Scott Kitterman) Date: Wed, 26 Dec 2012 03:44:20 -0000 Subject: [ubuntu/lucid-updates] unattended-upgrades 0.55ubuntu8 (Accepted) Message-ID: <20121226034420.13683.86641.launchpad@ackee.canonical.com> unattended-upgrades (0.55ubuntu8) lucid-proposed; urgency=low * unattended-upgrade: ignore md5sum "newconffile" (LP: #936870) Date: 2012-11-13 17:50:10.481137+00:00 Changed-By: Brian Murray Maintainer: Michael Vogt Signed-By: Scott Kitterman https://launchpad.net/ubuntu/lucid/+source/unattended-upgrades/0.55ubuntu8 -------------- next part -------------- Sorry, changesfile not available. From jamie at ubuntu.com Sun Dec 30 03:06:24 2012 From: jamie at ubuntu.com (Jamie Strandboge) Date: Sun, 30 Dec 2012 03:06:24 -0000 Subject: [ubuntu/lucid-security] moin 1.9.2-2ubuntu3.3 (Accepted) Message-ID: <20121230030624.17350.93499.launchpad@ackee.canonical.com> moin (1.9.2-2ubuntu3.3) lucid-security; urgency=low * SECURITY UPDATE: arbitrary code execution via anywikidraw/twikidraw - debian/patches/CVE-2012-XXXX.patch: adjust action/anywikidraw.py and action/twikidraw.py to use wikiutil.taintfilename() - CVE-2012-XXXX * SECURITY UPDATE: path traversal via AttachFile - debian/patches/CVE-2012-YYYY.patch: adjust action/AttachFile.py to use wikiutil.taintfilename() - CVE-2012-YYYY Date: 2012-12-30 01:05:20.378623+00:00 Changed-By: Jamie Strandboge https://launchpad.net/ubuntu/lucid/+source/moin/1.9.2-2ubuntu3.3 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Sun Dec 30 03:59:14 2012 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Sun, 30 Dec 2012 03:59:14 -0000 Subject: [ubuntu/lucid-updates] moin 1.9.2-2ubuntu3.3 (Accepted) Message-ID: <20121230035914.2605.71103.launchpad@ackee.canonical.com> moin (1.9.2-2ubuntu3.3) lucid-security; urgency=low * SECURITY UPDATE: arbitrary code execution via anywikidraw/twikidraw - debian/patches/CVE-2012-XXXX.patch: adjust action/anywikidraw.py and action/twikidraw.py to use wikiutil.taintfilename() - CVE-2012-XXXX * SECURITY UPDATE: path traversal via AttachFile - debian/patches/CVE-2012-YYYY.patch: adjust action/AttachFile.py to use wikiutil.taintfilename() - CVE-2012-YYYY Date: 2012-12-30 01:05:20.378623+00:00 Changed-By: Jamie Strandboge Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/lucid/+source/moin/1.9.2-2ubuntu3.3 -------------- next part -------------- Sorry, changesfile not available.