From marc.deslauriers at canonical.com Mon Dec 1 15:24:28 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 01 Dec 2014 15:24:28 -0000 Subject: [ubuntu/lucid-security] ppp 2.4.5~git20081126t100229-0ubuntu3.1 (Accepted) Message-ID: <20141201152428.30543.92362.launchpad@ackee.canonical.com> ppp (2.4.5~git20081126t100229-0ubuntu3.1) lucid-security; urgency=medium * SECURITY UPDATE: possible privilege escalation via option parsing - debian/patches/CVE-2014-3158.patch: fix integer overflow in pppd/options.c. - CVE-2014-3158 Date: 2014-11-26 12:56:21.138335+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ppp/2.4.5~git20081126t100229-0ubuntu3.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 1 15:58:11 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 01 Dec 2014 15:58:11 -0000 Subject: [ubuntu/lucid-updates] ppp 2.4.5~git20081126t100229-0ubuntu3.1 (Accepted) Message-ID: <20141201155811.30544.83412.launchpad@ackee.canonical.com> ppp (2.4.5~git20081126t100229-0ubuntu3.1) lucid-security; urgency=medium * SECURITY UPDATE: possible privilege escalation via option parsing - debian/patches/CVE-2014-3158.patch: fix integer overflow in pppd/options.c. - CVE-2014-3158 Date: 2014-11-26 12:56:21.138335+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ppp/2.4.5~git20081126t100229-0ubuntu3.1 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Wed Dec 3 18:16:43 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Wed, 03 Dec 2014 18:16:43 -0000 Subject: [ubuntu/lucid-security] eglibc 2.11.1-0ubuntu7.19 (Accepted) Message-ID: <20141203181643.29123.26117.launchpad@ackee.canonical.com> eglibc (2.11.1-0ubuntu7.19) lucid-security; urgency=medium * SECURITY UPDATE: denial of service in IBM gconv modules - debian/patches/any/CVE-2012-6656.diff: fix check in iconvdata/ibm930.c. - debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in iconvdata/ibm*.c. - CVE-2012-6656 - CVE-2014-6040 * SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471) - debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in posix/wordexp.c, added tests to posix/wordexp-test.c. - CVE-2014-7817 Date: 2014-12-02 16:34:12.078980+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.19 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Wed Dec 3 19:28:35 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Wed, 03 Dec 2014 19:28:35 -0000 Subject: [ubuntu/lucid-updates] eglibc 2.11.1-0ubuntu7.19 (Accepted) Message-ID: <20141203192835.29123.61391.launchpad@ackee.canonical.com> eglibc (2.11.1-0ubuntu7.19) lucid-security; urgency=medium * SECURITY UPDATE: denial of service in IBM gconv modules - debian/patches/any/CVE-2012-6656.diff: fix check in iconvdata/ibm930.c. - debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in iconvdata/ibm*.c. - CVE-2012-6656 - CVE-2014-6040 * SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471) - debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in posix/wordexp.c, added tests to posix/wordexp-test.c. - CVE-2014-7817 Date: 2014-12-02 16:34:12.078980+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.19 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Thu Dec 4 13:58:39 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Thu, 04 Dec 2014 13:58:39 -0000 Subject: [ubuntu/lucid-security] tcpdump 4.0.0-6ubuntu3.1 (Accepted) Message-ID: <20141204135839.26095.64455.launchpad@ackee.canonical.com> tcpdump (4.0.0-6ubuntu3.1) lucid-security; urgency=medium * SECURITY UPDATE: denial of service and possible code execution in olsr_print - debian/patches/CVE-2014-8767.patch: improve bounds checking and error handling in print-olsr.c. - CVE-2014-8767 * SECURITY UPDATE: denial of service and possible code execution in print-aodv.c - debian/patches/CVE-2014-8769.patch: improve bounds checking and length checking in print-aodv.c, aodv.h. - CVE-2014-8769 * SECURITY UPDATE: denial of service and possible code execution in print-ppp.c - debian/patches/CVE-2014-9140.patch: improve bounds checking in print-ppp.c. - CVE-2014-9140 Date: 2014-12-03 22:24:11.819164+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/tcpdump/4.0.0-6ubuntu3.1 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Thu Dec 4 14:28:23 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Thu, 04 Dec 2014 14:28:23 -0000 Subject: [ubuntu/lucid-updates] tcpdump 4.0.0-6ubuntu3.1 (Accepted) Message-ID: <20141204142823.26095.86311.launchpad@ackee.canonical.com> tcpdump (4.0.0-6ubuntu3.1) lucid-security; urgency=medium * SECURITY UPDATE: denial of service and possible code execution in olsr_print - debian/patches/CVE-2014-8767.patch: improve bounds checking and error handling in print-olsr.c. - CVE-2014-8767 * SECURITY UPDATE: denial of service and possible code execution in print-aodv.c - debian/patches/CVE-2014-8769.patch: improve bounds checking and length checking in print-aodv.c, aodv.h. - CVE-2014-8769 * SECURITY UPDATE: denial of service and possible code execution in print-ppp.c - debian/patches/CVE-2014-9140.patch: improve bounds checking in print-ppp.c. - CVE-2014-9140 Date: 2014-12-03 22:24:11.819164+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/tcpdump/4.0.0-6ubuntu3.1 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Mon Dec 8 14:00:22 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 08 Dec 2014 14:00:22 -0000 Subject: [ubuntu/lucid-security] ghostscript 8.71.dfsg.1-0ubuntu5.6 (Accepted) Message-ID: <20141208140022.3458.52004.launchpad@ackee.canonical.com> ghostscript (8.71.dfsg.1-0ubuntu5.6) lucid-security; urgency=medium * SECURITY UPDATE: heap overflows via crafted jp2 file - debian/patches/CVE-2014-9029.dpatch: fix off-by-one in jasper/src/libjasper/jpc/jpc_dec.c. - CVE-2014-9029 Date: 2014-12-05 21:07:31.992191+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ghostscript/8.71.dfsg.1-0ubuntu5.6 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 8 14:58:27 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 08 Dec 2014 14:58:27 -0000 Subject: [ubuntu/lucid-updates] ghostscript 8.71.dfsg.1-0ubuntu5.6 (Accepted) Message-ID: <20141208145827.3452.86626.launchpad@ackee.canonical.com> ghostscript (8.71.dfsg.1-0ubuntu5.6) lucid-security; urgency=medium * SECURITY UPDATE: heap overflows via crafted jp2 file - debian/patches/CVE-2014-9029.dpatch: fix off-by-one in jasper/src/libjasper/jpc/jpc_dec.c. - CVE-2014-9029 Date: 2014-12-05 21:07:31.992191+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ghostscript/8.71.dfsg.1-0ubuntu5.6 -------------- next part -------------- Sorry, changesfile not available. From seth.arnold at canonical.com Tue Dec 9 00:51:13 2014 From: seth.arnold at canonical.com (Seth Arnold) Date: Tue, 09 Dec 2014 00:51:13 -0000 Subject: [ubuntu/lucid-security] graphviz 2.20.2-8ubuntu3.2 (Accepted) Message-ID: <20141209005113.4684.95947.launchpad@ackee.canonical.com> graphviz (2.20.2-8ubuntu3.2) lucid-security; urgency=medium * SECURITY UPDATE: Format string vulnerability may allow attackers to cause a denial of service or possibly execute code. - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in lib/cgraph/scan.l yyerror() routine. - CVE-2014-9157 Date: 2014-12-05 03:21:10.707581+00:00 Changed-By: Seth Arnold https://launchpad.net/ubuntu/+source/graphviz/2.20.2-8ubuntu3.2 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Tue Dec 9 01:28:40 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Tue, 09 Dec 2014 01:28:40 -0000 Subject: [ubuntu/lucid-updates] graphviz 2.20.2-8ubuntu3.2 (Accepted) Message-ID: <20141209012840.4685.96607.launchpad@ackee.canonical.com> graphviz (2.20.2-8ubuntu3.2) lucid-security; urgency=medium * SECURITY UPDATE: Format string vulnerability may allow attackers to cause a denial of service or possibly execute code. - debian/patches/CVE-2014-9157.patch: Fix format string vulnerability in lib/cgraph/scan.l yyerror() routine. - CVE-2014-9157 Date: 2014-12-05 03:21:10.707581+00:00 Changed-By: Seth Arnold Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/graphviz/2.20.2-8ubuntu3.2 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Tue Dec 9 21:54:02 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Tue, 09 Dec 2014 21:54:02 -0000 Subject: [ubuntu/lucid-security] bind9 1:9.7.0.dfsg.P1-1ubuntu0.12 (Accepted) Message-ID: <20141209215402.4684.95482.launchpad@ackee.canonical.com> bind9 (1:9.7.0.dfsg.P1-1ubuntu0.12) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via delegation handling defect - limit max recursion in bin/named/config.c, bin/named/query.c, bin/named/server.c, lib/dns/adb.c, lib/dns/include/dns/adb.h, lib/dns/include/dns/resolver.h, lib/dns/resolver.c, lib/export/isc/Makefile.in, lib/isc/Makefile.in, lib/isc/counter.c, lib/isc/include/isc/counter.h, lib/isc/include/isc/Makefile.in, lib/isc/include/isc/types.h, lib/isc/tests/counter_test.c, lib/isccfg/namedconf.c. - Based on patch provided by upstream. - CVE-2014-8500 Date: 2014-12-09 20:27:13.484447+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.12 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Tue Dec 9 22:28:30 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Tue, 09 Dec 2014 22:28:30 -0000 Subject: [ubuntu/lucid-updates] bind9 1:9.7.0.dfsg.P1-1ubuntu0.12 (Accepted) Message-ID: <20141209222830.4684.52625.launchpad@ackee.canonical.com> bind9 (1:9.7.0.dfsg.P1-1ubuntu0.12) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via delegation handling defect - limit max recursion in bin/named/config.c, bin/named/query.c, bin/named/server.c, lib/dns/adb.c, lib/dns/include/dns/adb.h, lib/dns/include/dns/resolver.h, lib/dns/resolver.c, lib/export/isc/Makefile.in, lib/isc/Makefile.in, lib/isc/counter.c, lib/isc/include/isc/counter.h, lib/isc/include/isc/Makefile.in, lib/isc/include/isc/types.h, lib/isc/tests/counter_test.c, lib/isccfg/namedconf.c. - Based on patch provided by upstream. - CVE-2014-8500 Date: 2014-12-09 20:27:13.484447+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/bind9/1:9.7.0.dfsg.P1-1ubuntu0.12 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:35 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:35 -0000 Subject: [ubuntu/lucid-security] linux-backports-modules-2.6.32 2.6.32-69.71 (Accepted) Message-ID: <20141211002035.31919.86121.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-69.71) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-11-24 21:12:12.970331+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-69.71 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:32 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:32 -0000 Subject: [ubuntu/lucid-updates] linux-backports-modules-2.6.32 2.6.32-69.71 (Accepted) Message-ID: <20141211002032.31919.46864.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-69.71) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-11-24 21:12:12.970331+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-69.71 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:41 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:41 -0000 Subject: [ubuntu/lucid-updates] linux-meta 2.6.32.69.76 (Accepted) Message-ID: <20141211002041.31919.36500.launchpad@ackee.canonical.com> linux-meta (2.6.32.69.76) lucid; urgency=medium [ Brad Figg ] * Bump ABI Date: 2014-11-24 21:12:26.084705+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.69.76 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:46 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:46 -0000 Subject: [ubuntu/lucid-security] linux-meta 2.6.32.69.76 (Accepted) Message-ID: <20141211002046.31919.57967.launchpad@ackee.canonical.com> linux-meta (2.6.32.69.76) lucid; urgency=medium [ Brad Figg ] * Bump ABI Date: 2014-11-24 21:12:26.084705+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.69.76 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:50 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:50 -0000 Subject: [ubuntu/lucid-updates] linux-ports-meta 2.6.32.69.63 (Accepted) Message-ID: <20141211002050.31919.68069.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.69.63) lucid; urgency=medium * Bump ABI Date: 2014-11-24 21:12:28.620742+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.69.63 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:20:53 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:20:53 -0000 Subject: [ubuntu/lucid-security] linux-ports-meta 2.6.32.69.63 (Accepted) Message-ID: <20141211002053.31919.93019.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.69.63) lucid; urgency=medium * Bump ABI Date: 2014-11-24 21:12:28.620742+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.69.63 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:21:27 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:21:27 -0000 Subject: [ubuntu/lucid-updates] linux 2.6.32-69.136 (Accepted) Message-ID: <20141211002127.31920.51422.launchpad@ackee.canonical.com> linux (2.6.32-69.136) lucid; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1395827 [ Upstream Kernel Changes ] * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks - LP: #1386367 - CVE-2014-3673 * net: sctp: fix panic on duplicate ASCONF chunks - LP: #1386392 - CVE-2014-3687 * net: sctp: fix remote memory pressure from excessive queueing - LP: #1386393 - CVE-2014-3688 * mac80211: fix fragmentation code, particularly for encryption - LP: #1392013 - CVE-2014-8709 * ttusb-dec: buffer overflow in ioctl - LP: #1395187 - CVE-2014-8884 * net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet - LP: #1392820 - CVE-2014-7841 Date: 2014-11-24 21:11:12.465904+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-69.136 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:21:30 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:21:30 -0000 Subject: [ubuntu/lucid-updates] linux-meta-ec2 2.6.32.373.54 (Accepted) Message-ID: <20141211002130.31920.13640.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.373.54) lucid; urgency=low * Bump linux-ec2 ABI to 373 for stable release Date: 2014-11-25 15:54:15.028046+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta-ec2/2.6.32.373.54 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:21:31 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:21:31 -0000 Subject: [ubuntu/lucid-security] linux-meta-ec2 2.6.32.373.54 (Accepted) Message-ID: <20141211002131.31920.92959.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.373.54) lucid; urgency=low * Bump linux-ec2 ABI to 373 for stable release Date: 2014-11-25 15:54:15.028046+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta-ec2/2.6.32.373.54 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:21:56 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:21:56 -0000 Subject: [ubuntu/lucid-updates] linux-ec2 2.6.32-373.90 (Accepted) Message-ID: <20141211002156.31919.55161.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-373.90) lucid; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-69.136 * Release Tracking Bug - LP: #1395971 [ Ubuntu: 2.6.32-69.136 ] * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks - LP: #1386367 - CVE-2014-3673 * net: sctp: fix panic on duplicate ASCONF chunks - LP: #1386392 - CVE-2014-3687 * net: sctp: fix remote memory pressure from excessive queueing - LP: #1386393 - CVE-2014-3688 * mac80211: fix fragmentation code, particularly for encryption - LP: #1392013 - CVE-2014-8709 * ttusb-dec: buffer overflow in ioctl - LP: #1395187 - CVE-2014-8884 * net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet - LP: #1392820 - CVE-2014-7841 Date: 2014-11-25 14:00:22.516878+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-373.90 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:22:09 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:22:09 -0000 Subject: [ubuntu/lucid-security] linux-ec2 2.6.32-373.90 (Accepted) Message-ID: <20141211002209.5199.57011.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-373.90) lucid; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-69.136 * Release Tracking Bug - LP: #1395971 [ Ubuntu: 2.6.32-69.136 ] * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks - LP: #1386367 - CVE-2014-3673 * net: sctp: fix panic on duplicate ASCONF chunks - LP: #1386392 - CVE-2014-3687 * net: sctp: fix remote memory pressure from excessive queueing - LP: #1386393 - CVE-2014-3688 * mac80211: fix fragmentation code, particularly for encryption - LP: #1392013 - CVE-2014-8709 * ttusb-dec: buffer overflow in ioctl - LP: #1395187 - CVE-2014-8884 * net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet - LP: #1392820 - CVE-2014-7841 Date: 2014-11-25 14:00:22.516878+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-373.90 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 00:26:22 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 00:26:22 -0000 Subject: [ubuntu/lucid-security] linux 2.6.32-69.136 (Accepted) Message-ID: <20141211002622.6440.62251.launchpad@ackee.canonical.com> linux (2.6.32-69.136) lucid; urgency=low [ Brad Figg ] * Release Tracking Bug - LP: #1395827 [ Upstream Kernel Changes ] * net: sctp: fix skb_over_panic when receiving malformed ASCONF chunks - LP: #1386367 - CVE-2014-3673 * net: sctp: fix panic on duplicate ASCONF chunks - LP: #1386392 - CVE-2014-3687 * net: sctp: fix remote memory pressure from excessive queueing - LP: #1386393 - CVE-2014-3688 * mac80211: fix fragmentation code, particularly for encryption - LP: #1392013 - CVE-2014-8709 * ttusb-dec: buffer overflow in ioctl - LP: #1395187 - CVE-2014-8884 * net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet - LP: #1392820 - CVE-2014-7841 Date: 2014-11-24 21:11:12.465904+00:00 Changed-By: Brad Figg Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-69.136 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:17:19 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:17:19 -0000 Subject: [ubuntu/lucid-proposed] linux-backports-modules-2.6.32 2.6.32-70.72 (Accepted) Message-ID: <20141211021719.31919.54830.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-70.72) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-12-09 11:48:14.501845+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-70.72 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:17:20 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:17:20 -0000 Subject: [ubuntu/lucid-proposed] linux 2.6.32-70.137 (Accepted) Message-ID: <20141211021720.31921.17172.launchpad@ackee.canonical.com> linux (2.6.32-70.137) lucid; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1400654 [ Upstream Kernel Changes ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-09 11:47:12.691907+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-70.137 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:20:27 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:20:27 -0000 Subject: [ubuntu/lucid-proposed] linux-ec2 2.6.32-374.91 (Accepted) Message-ID: <20141211022027.31919.65216.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-374.91) lucid; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-70.137 * XEN: x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * Release Tracking Bug - LP: #1401050 [ Ubuntu: 2.6.32-70.137 ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-10 11:05:11.752980+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-374.91 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:20:39 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:20:39 -0000 Subject: [ubuntu/lucid-proposed] linux-meta 2.6.32.70.77 (Accepted) Message-ID: <20141211022039.31921.75121.launchpad@ackee.canonical.com> linux-meta (2.6.32.70.77) lucid; urgency=medium [ Luis Henriques ] * Bump ABI Date: 2014-12-09 11:48:28.245399+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.70.77 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:20:42 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:20:42 -0000 Subject: [ubuntu/lucid-proposed] linux-meta-ec2 2.6.32.374.55 (Accepted) Message-ID: <20141211022042.31920.80053.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.374.55) lucid; urgency=low * Bump linux-ec2 ABI to 374 for stable release Date: 2014-12-10 11:07:11.884328+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta-ec2/2.6.32.374.55 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 02:20:48 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 02:20:48 -0000 Subject: [ubuntu/lucid-proposed] linux-ports-meta 2.6.32.70.64 (Accepted) Message-ID: <20141211022048.31919.33228.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.70.64) lucid; urgency=medium * Bump ABI Date: 2014-12-10 09:38:12.437239+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.70.64 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:20 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:20 -0000 Subject: [ubuntu/lucid-updates] linux-backports-modules-2.6.32 2.6.32-70.72 (Accepted) Message-ID: <20141211062220.31919.2588.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-70.72) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-12-09 11:48:14.501845+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-70.72 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:27 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:27 -0000 Subject: [ubuntu/lucid-security] linux-backports-modules-2.6.32 2.6.32-70.72 (Accepted) Message-ID: <20141211062227.31919.41732.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-70.72) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-12-09 11:48:14.501845+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-70.72 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:31 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:31 -0000 Subject: [ubuntu/lucid-updates] linux-meta 2.6.32.70.77 (Accepted) Message-ID: <20141211062231.31919.61369.launchpad@ackee.canonical.com> linux-meta (2.6.32.70.77) lucid; urgency=medium [ Luis Henriques ] * Bump ABI Date: 2014-12-09 11:48:28.245399+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.70.77 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:35 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:35 -0000 Subject: [ubuntu/lucid-updates] linux 2.6.32-70.137 (Accepted) Message-ID: <20141211062235.31921.12884.launchpad@ackee.canonical.com> linux (2.6.32-70.137) lucid; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1400654 [ Upstream Kernel Changes ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-09 11:47:12.691907+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-70.137 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:37 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:37 -0000 Subject: [ubuntu/lucid-security] linux-meta 2.6.32.70.77 (Accepted) Message-ID: <20141211062237.31919.41834.launchpad@ackee.canonical.com> linux-meta (2.6.32.70.77) lucid; urgency=medium [ Luis Henriques ] * Bump ABI Date: 2014-12-09 11:48:28.245399+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.70.77 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:39 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:39 -0000 Subject: [ubuntu/lucid-updates] linux-ports-meta 2.6.32.70.64 (Accepted) Message-ID: <20141211062239.31921.77478.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.70.64) lucid; urgency=medium * Bump ABI Date: 2014-12-10 09:38:12.437239+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.70.64 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:39 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:39 -0000 Subject: [ubuntu/lucid-security] linux-ports-meta 2.6.32.70.64 (Accepted) Message-ID: <20141211062239.31919.93619.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.70.64) lucid; urgency=medium * Bump ABI Date: 2014-12-10 09:38:12.437239+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.70.64 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:44 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:44 -0000 Subject: [ubuntu/lucid-security] linux 2.6.32-70.137 (Accepted) Message-ID: <20141211062244.31920.56915.launchpad@ackee.canonical.com> linux (2.6.32-70.137) lucid; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1400654 [ Upstream Kernel Changes ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-09 11:47:12.691907+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-70.137 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:46 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:46 -0000 Subject: [ubuntu/lucid-updates] linux-meta-ec2 2.6.32.374.55 (Accepted) Message-ID: <20141211062246.31920.40794.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.374.55) lucid; urgency=low * Bump linux-ec2 ABI to 374 for stable release Date: 2014-12-10 11:07:11.884328+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta-ec2/2.6.32.374.55 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:47 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:47 -0000 Subject: [ubuntu/lucid-security] linux-meta-ec2 2.6.32.374.55 (Accepted) Message-ID: <20141211062247.31920.67838.launchpad@ackee.canonical.com> linux-meta-ec2 (2.6.32.374.55) lucid; urgency=low * Bump linux-ec2 ABI to 374 for stable release Date: 2014-12-10 11:07:11.884328+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta-ec2/2.6.32.374.55 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:55 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:55 -0000 Subject: [ubuntu/lucid-updates] linux-ec2 2.6.32-374.91 (Accepted) Message-ID: <20141211062255.31921.52063.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-374.91) lucid; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-70.137 * XEN: x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * Release Tracking Bug - LP: #1401050 [ Ubuntu: 2.6.32-70.137 ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-10 11:05:11.752980+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-374.91 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Thu Dec 11 06:22:59 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Thu, 11 Dec 2014 06:22:59 -0000 Subject: [ubuntu/lucid-security] linux-ec2 2.6.32-374.91 (Accepted) Message-ID: <20141211062259.31919.50482.launchpad@ackee.canonical.com> linux-ec2 (2.6.32-374.91) lucid; urgency=low [ Stefan Bader ] * Rebased to Ubuntu-2.6.32-70.137 * XEN: x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * Release Tracking Bug - LP: #1401050 [ Ubuntu: 2.6.32-70.137 ] * x86_64, traps: Stop using IST for #SS - LP: #1398795 - CVE-2014-9090 * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit - LP: #1400314 - CVE-2014-8134 Date: 2014-12-10 11:05:11.752980+00:00 Changed-By: Stefan Bader Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-374.91 -------------- next part -------------- Sorry, changesfile not available. From cjwatson at ubuntu.com Thu Dec 11 16:50:37 2014 From: cjwatson at ubuntu.com (Colin Watson) Date: Thu, 11 Dec 2014 16:50:37 -0000 Subject: [ubuntu/lucid-proposed] lazr.restfulclient 0.9.11-1ubuntu1.4 (Accepted) Message-ID: <20141211165037.17585.1635.launchpad@gac.canonical.com> lazr.restfulclient (0.9.11-1ubuntu1.4) lucid; urgency=medium * Always uppercase HTTP methods to match httplib2 expectations (LP: #1401544). Date: Thu, 11 Dec 2014 16:30:02 +0000 Changed-By: Colin Watson Maintainer: Ubuntu Core Developers https://launchpad.net/ubuntu/+source/lazr.restfulclient/0.9.11-1ubuntu1.4 -------------- next part -------------- Format: 1.8 Date: Thu, 11 Dec 2014 16:30:02 +0000 Source: lazr.restfulclient Binary: python-lazr.restfulclient Architecture: source Version: 0.9.11-1ubuntu1.4 Distribution: lucid Urgency: medium Maintainer: Ubuntu Core Developers Changed-By: Colin Watson Description: python-lazr.restfulclient - client for lazr.restful-based web services Launchpad-Bugs-Fixed: 1401544 Changes: lazr.restfulclient (0.9.11-1ubuntu1.4) lucid; urgency=medium . * Always uppercase HTTP methods to match httplib2 expectations (LP: #1401544). Checksums-Sha1: 63ccfcf3761bf2260303f1bcf792876d94d2a7c2 2367 lazr.restfulclient_0.9.11-1ubuntu1.4.dsc b509ceb10da38bb5f7d7ccfa8817c52cd1c2741e 12532 lazr.restfulclient_0.9.11-1ubuntu1.4.debian.tar.xz Checksums-Sha256: 67795a5f9d42c1864b4376cb7b9bf9035fdae12e373049e16086d86f86dd850c 2367 lazr.restfulclient_0.9.11-1ubuntu1.4.dsc d4cb94bd8ae5f274d75640ba4d116ea2272eeab63feef07b6fa9926b2580dfff 12532 lazr.restfulclient_0.9.11-1ubuntu1.4.debian.tar.xz Files: dab24bef06e794c766fa299ba14610b9 2367 python optional lazr.restfulclient_0.9.11-1ubuntu1.4.dsc f4fa5e0a0e444688074914b81fc07223 12532 python optional lazr.restfulclient_0.9.11-1ubuntu1.4.debian.tar.xz Original-Maintainer: Debian Python Modules Team From marc.deslauriers at canonical.com Thu Dec 11 19:03:35 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Thu, 11 Dec 2014 19:03:35 -0000 Subject: [ubuntu/lucid-security] qemu-kvm 0.12.3+noroms-0ubuntu9.26 (Accepted) Message-ID: <20141211190335.31919.12007.launchpad@ackee.canonical.com> qemu-kvm (0.12.3+noroms-0ubuntu9.26) lucid-security; urgency=medium * SECURITY UPDATE: code execution via cirrus vga blit regions (LP: #1400775) - debian/patches/CVE-2014-8106.patch: properly validate blit regions in hw/cirrus_vga.c. - CVE-2014-8106 Date: 2014-12-11 00:32:13.188907+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/qemu-kvm/0.12.3+noroms-0ubuntu9.26 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Thu Dec 11 19:58:40 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Thu, 11 Dec 2014 19:58:40 -0000 Subject: [ubuntu/lucid-updates] qemu-kvm 0.12.3+noroms-0ubuntu9.26 (Accepted) Message-ID: <20141211195840.31919.56423.launchpad@ackee.canonical.com> qemu-kvm (0.12.3+noroms-0ubuntu9.26) lucid-security; urgency=medium * SECURITY UPDATE: code execution via cirrus vga blit regions (LP: #1400775) - debian/patches/CVE-2014-8106.patch: properly validate blit regions in hw/cirrus_vga.c. - CVE-2014-8106 Date: 2014-12-11 00:32:13.188907+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/qemu-kvm/0.12.3+noroms-0ubuntu9.26 -------------- next part -------------- Sorry, changesfile not available. From sbeattie at ubuntu.com Thu Dec 11 20:02:41 2014 From: sbeattie at ubuntu.com (Steve Beattie) Date: Thu, 11 Dec 2014 20:02:41 -0000 Subject: [ubuntu/lucid-security] mutt 1.5.20-7ubuntu1.3 (Accepted) Message-ID: <20141211200241.31920.20246.launchpad@ackee.canonical.com> mutt (1.5.20-7ubuntu1.3) lucid-security; urgency=medium * SECURITY UPDATE: heap-based overflow in mutt_substrdup() when handling headers beginning with newline. - debian/patches/ubuntu/mutt-CVE-2014-9116.patch - CVE-2014-9116 Date: 2014-12-10 21:52:11.883077+00:00 Changed-By: Steve Beattie https://launchpad.net/ubuntu/+source/mutt/1.5.20-7ubuntu1.3 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Thu Dec 11 20:58:52 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Thu, 11 Dec 2014 20:58:52 -0000 Subject: [ubuntu/lucid-updates] mutt 1.5.20-7ubuntu1.3 (Accepted) Message-ID: <20141211205852.31921.62661.launchpad@ackee.canonical.com> mutt (1.5.20-7ubuntu1.3) lucid-security; urgency=medium * SECURITY UPDATE: heap-based overflow in mutt_substrdup() when handling headers beginning with newline. - debian/patches/ubuntu/mutt-CVE-2014-9116.patch - CVE-2014-9116 Date: 2014-12-10 21:52:11.883077+00:00 Changed-By: Steve Beattie Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/mutt/1.5.20-7ubuntu1.3 -------------- next part -------------- Sorry, changesfile not available. From cjwatson at canonical.com Thu Dec 18 17:36:16 2014 From: cjwatson at canonical.com (Colin Watson) Date: Thu, 18 Dec 2014 17:36:16 -0000 Subject: [ubuntu/lucid-updates] lazr.restfulclient 0.9.11-1ubuntu1.4 (Accepted) Message-ID: <20141218173616.8613.43866.launchpad@ackee.canonical.com> lazr.restfulclient (0.9.11-1ubuntu1.4) lucid; urgency=medium * Always uppercase HTTP methods to match httplib2 expectations (LP: #1401544). Date: 2014-12-11 16:44:10.681961+00:00 Changed-By: Colin Watson https://launchpad.net/ubuntu/+source/lazr.restfulclient/0.9.11-1ubuntu1.4 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Fri Dec 19 07:11:22 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Fri, 19 Dec 2014 07:11:22 -0000 Subject: [ubuntu/lucid-proposed] linux-backports-modules-2.6.32 2.6.32-71.73 (Accepted) Message-ID: <20141219071122.12486.63629.launchpad@ackee.canonical.com> linux-backports-modules-2.6.32 (2.6.32-71.73) lucid; urgency=low * Start new release (and bump ABI) Date: 2014-12-18 17:36:47.166513+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-backports-modules-2.6.32/2.6.32-71.73 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Fri Dec 19 07:11:33 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Fri, 19 Dec 2014 07:11:33 -0000 Subject: [ubuntu/lucid-proposed] linux-ports-meta 2.6.32.71.65 (Accepted) Message-ID: <20141219071133.12486.30012.launchpad@ackee.canonical.com> linux-ports-meta (2.6.32.71.65) lucid; urgency=medium * Bump ABI Date: 2014-12-18 17:37:16.900256+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-ports-meta/2.6.32.71.65 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Fri Dec 19 07:11:34 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Fri, 19 Dec 2014 07:11:34 -0000 Subject: [ubuntu/lucid-proposed] linux-meta 2.6.32.71.78 (Accepted) Message-ID: <20141219071134.12487.53694.launchpad@ackee.canonical.com> linux-meta (2.6.32.71.78) lucid; urgency=medium [ Luis Henriques ] * Bump ABI Date: 2014-12-18 17:37:12.293332+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux-meta/2.6.32.71.78 -------------- next part -------------- Sorry, changesfile not available. From adconrad at 0c3.net Fri Dec 19 07:11:37 2014 From: adconrad at 0c3.net (Adam Conrad) Date: Fri, 19 Dec 2014 07:11:37 -0000 Subject: [ubuntu/lucid-proposed] linux 2.6.32-71.138 (Accepted) Message-ID: <20141219071137.12485.15725.launchpad@ackee.canonical.com> linux (2.6.32-71.138) lucid; urgency=low [ Luis Henriques ] * Release Tracking Bug - LP: #1403943 [ Luis Henriques ] * [Config] updateconfigs CONFIG_X86_16BIT=y after v2.6.32.65 update [ Upstream Kernel Changes ] * KVM: x86: Check non-canonical addresses upon WRMSR - LP: #1384539 - CVE-2014-3610 * KVM: x86: Improve thread safety in pit - LP: #1384540 - CVE-2014-3611 * net:socket: set msg_namelen to 0 if msg_name is passed as NULL in msghdr struct from userland. - LP: #1335478 * x86, 64-bit: Move K8 B step iret fixup to fault entry asm - LP: #1403918 * x86-64: Adjust frame type at paranoid_exit: - LP: #1403918 * x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels - LP: #1403918 * x86-32, espfix: Remove filter for espfix32 due to race - LP: #1403918 * x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack - LP: #1403918 * x86, espfix: Move espfix definitions into a separate header file - LP: #1403918 * x86, espfix: Fix broken header guard - LP: #1403918 * x86, espfix: Make espfix64 a Kconfig option, fix UML - LP: #1403918 * x86, espfix: Make it possible to disable 16-bit support - LP: #1403918 * x86_64/entry/xen: Do not invoke espfix64 on Xen - LP: #1403918 * x86/espfix/xen: Fix allocation of pages for paravirt page tables - LP: #1403918 * x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C - LP: #1403918 * x86_64, traps: Rework bad_iret - LP: #1403918 Date: 2014-12-18 17:36:16.368252+00:00 Changed-By: Luis Henriques Signed-By: Adam Conrad https://launchpad.net/ubuntu/+source/linux/2.6.32-71.138 -------------- next part -------------- Sorry, changesfile not available. From marc.deslauriers at canonical.com Mon Dec 22 12:58:06 2014 From: marc.deslauriers at canonical.com (Marc Deslauriers) Date: Mon, 22 Dec 2014 12:58:06 -0000 Subject: [ubuntu/lucid-security] ntp 1:4.2.4p8+dfsg-1ubuntu2.2 (Accepted) Message-ID: <20141222125806.2852.47708.launchpad@ackee.canonical.com> ntp (1:4.2.4p8+dfsg-1ubuntu2.2) lucid-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv() and ctl_putdata() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 Date: 2014-12-20 11:51:12.372232+00:00 Changed-By: Marc Deslauriers https://launchpad.net/ubuntu/+source/ntp/1:4.2.4p8+dfsg-1ubuntu2.2 -------------- next part -------------- Sorry, changesfile not available. From cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk Mon Dec 22 13:28:18 2014 From: cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk (Ubuntu Archive Robot) Date: Mon, 22 Dec 2014 13:28:18 -0000 Subject: [ubuntu/lucid-updates] ntp 1:4.2.4p8+dfsg-1ubuntu2.2 (Accepted) Message-ID: <20141222132818.2852.37756.launchpad@ackee.canonical.com> ntp (1:4.2.4p8+dfsg-1ubuntu2.2) lucid-security; urgency=medium * SECURITY UPDATE: weak default key in config_auth() - debian/patches/CVE-2014-9293.patch: use openssl for random key in ntpd/ntp_config.c, ntpd/ntpd.c. - CVE-2014-9293 * SECURITY UPDATE: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys - debian/patches/CVE-2014-9294.patch: use openssl for random key in include/ntp_random.h, libntp/ntp_random.c, util/ntp-keygen.c. - CVE-2014-9294 * SECURITY UPDATE: buffer overflows in crypto_recv() and ctl_putdata() - debian/patches/CVE-2014-9295.patch: check lengths in ntpd/ntp_control.c, ntpd/ntp_crypto.c. - CVE-2014-9295 Date: 2014-12-20 11:51:12.372232+00:00 Changed-By: Marc Deslauriers Signed-By: Ubuntu Archive Robot https://launchpad.net/ubuntu/+source/ntp/1:4.2.4p8+dfsg-1ubuntu2.2 -------------- next part -------------- Sorry, changesfile not available.