From gary.lasker at canonical.com  Wed Nov  2 14:13:43 2011
From: gary.lasker at canonical.com (Gary Lasker)
Date: Wed, 02 Nov 2011 14:13:43 -0000
Subject: [ubuntu/maverick-proposed] tzdata 2011n-0ubuntu0.10.10 (Accepted)
Message-ID: <20111102141343.5260.51467.launchpad@soybean.canonical.com>

tzdata (2011n-0ubuntu0.10.10) maverick-proposed; urgency=low

  * New upstream release 2011n (LP: #884866):
    - Cuba: Change end date of DST in 2011
    - Fiji: Change end date of DST in 2012
    - Pridnestrovian Moldavian Republic: Restore end date
      of DST in 2011

Date: Tue, 01 Nov 2011 15:45:06 -0400
Changed-By: Gary Lasker <gary.lasker at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Martin Pitt <martin.pitt at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/tzdata/2011n-0ubuntu0.10.10
-------------- next part --------------
Format: 1.8
Date: Tue, 01 Nov 2011 15:45:06 -0400
Source: tzdata
Binary: tzdata tzdata-java
Architecture: source
Version: 2011n-0ubuntu0.10.10
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Gary Lasker <gary.lasker at canonical.com>
Description: 
 tzdata     - time zone and daylight-saving time data
 tzdata-java - time zone and daylight-saving time data for use by java runtimes
Launchpad-Bugs-Fixed: 884866
Changes: 
 tzdata (2011n-0ubuntu0.10.10) maverick-proposed; urgency=low
 .
   * New upstream release 2011n (LP: #884866):
     - Cuba: Change end date of DST in 2011
     - Fiji: Change end date of DST in 2012
     - Pridnestrovian Moldavian Republic: Restore end date
       of DST in 2011
Checksums-Sha1: 
 ca1fb1912cb7523a29e9384dccece29110f9f70e 1909 tzdata_2011n-0ubuntu0.10.10.dsc
 5435fae9844dc89f9d418aa956e161e23d1babdf 204684 tzdata_2011n.orig.tar.gz
 1765f95aabd6cdd607c32e9ce6ce2efbeea9be24 242529 tzdata_2011n-0ubuntu0.10.10.debian.tar.gz
Checksums-Sha256: 
 1a4d242a5fbb53be0e73260c8c00f737884d35b4d7bd4181702497c8092fb7bf 1909 tzdata_2011n-0ubuntu0.10.10.dsc
 a343e542486b2b8ebdeca474eed79f1c04f69420ca943c2b9bdea1d2385e38cd 204684 tzdata_2011n.orig.tar.gz
 45ddea9da67f038f372499476c8a7decbc9cfdf2a2e776251343ccae3986967c 242529 tzdata_2011n-0ubuntu0.10.10.debian.tar.gz
Files: 
 3a532d4f9e14b6aedeee5c3d8f4ae377 1909 libs required tzdata_2011n-0ubuntu0.10.10.dsc
 20dbfb28efa008ddbf6dd34601ea40fa 204684 libs required tzdata_2011n.orig.tar.gz
 964dcc3791aa022f0f7ab6ec68e75080 242529 libs required tzdata_2011n-0ubuntu0.10.10.debian.tar.gz
Original-Maintainer: GNU Libc Maintainers <debian-glibc at lists.debian.org>

From adamg at canonical.com  Tue Nov  8 03:28:02 2011
From: adamg at canonical.com (Adam Gandelman)
Date: Tue, 08 Nov 2011 03:28:02 -0000
Subject: [ubuntu/maverick-proposed] facter 1.5.7-1ubuntu1.3 (Accepted)
Message-ID: <20111108032802.24329.19318.launchpad@cocoplum.canonical.com>

facter (1.5.7-1ubuntu1.3) maverick-proposed; urgency=low

  * lib/facter/ec2.rb: Rescue condition in can_connect() when timeout()
    actually has a chance to timeout. (LP: #885998)

Date: Mon, 07 Nov 2011 10:27:58 -0800
Changed-By: Adam Gandelman <adamg at canonical.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Clint Byrum <clint at fewbar.com>
https://launchpad.net/ubuntu/maverick/+source/facter/1.5.7-1ubuntu1.3
-------------- next part --------------
Format: 1.8
Date: Mon, 07 Nov 2011 10:27:58 -0800
Source: facter
Binary: facter
Architecture: source
Version: 1.5.7-1ubuntu1.3
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Adam Gandelman <adamg at canonical.com>
Description: 
 facter     - a library for retrieving facts from operating systems
Launchpad-Bugs-Fixed: 885998
Changes: 
 facter (1.5.7-1ubuntu1.3) maverick-proposed; urgency=low
 .
   * lib/facter/ec2.rb: Rescue condition in can_connect() when timeout()
     actually has a chance to timeout. (LP: #885998)
Checksums-Sha1: 
 14bce5f39a8cfff76b328c58daf73e2d10c27f9e 1541 facter_1.5.7-1ubuntu1.3.dsc
 03ef322451ae853a0ac71be398dca796b49181a0 6234 facter_1.5.7-1ubuntu1.3.diff.gz
Checksums-Sha256: 
 fc76002e06af8bd1f9c7473355c05fcbad8e915dea5b5183da13ffef7c15f902 1541 facter_1.5.7-1ubuntu1.3.dsc
 88b7eb934e013b8a50b80eae8f1183a72664bebe6b80b5a8ee8b6182ebfc2cda 6234 facter_1.5.7-1ubuntu1.3.diff.gz
Files: 
 38598a3a87b00190c8a6fe21ff12da0e 1541 admin optional facter_1.5.7-1ubuntu1.3.dsc
 844395004ad5d4c0bb1efac2c4eefcb0 6234 admin optional facter_1.5.7-1ubuntu1.3.diff.gz
Original-Maintainer: Puppet Package Maintainers <pkg-puppet-devel at lists.alioth.debian.org>

From marc.deslauriers at ubuntu.com  Tue Nov  8 13:03:47 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Tue, 08 Nov 2011 13:03:47 -0000
Subject: [ubuntu/maverick-security] tomcat6 6.0.28-2ubuntu1.5 (Accepted)
Message-ID: <20111108130347.22732.85372.launchpad@cocoplum.canonical.com>

tomcat6 (6.0.28-2ubuntu1.5) maverick-security; urgency=low

  * SECURITY UPDATE: information disclosure via log file
    - debian/patches/0015-CVE-2011-2204.patch: fix logging in
      java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java,
      java/org/apache/catalina/users/MemoryUserDatabase.java,
      java/org/apache/catalina/users/MemoryUser.java.
    - CVE-2011-2204
  * SECURITY UPDATE: file restriction bypass or denial of service via
    untrusted web application.
    - debian/patches/0016-CVE-2011-2526.patch: check canonical name in
      java/org/apache/catalina/connector/LocalStrings.properties,
      java/org/apache/catalina/connector/Request.java,
      java/org/apache/catalina/servlets/DefaultServlet.java,
      java/org/apache/coyote/http11/Http11AprProcessor.java,
      java/org/apache/coyote/http11/LocalStrings.properties,
      java/org/apache/tomcat/util/net/AprEndpoint.java,
      java/org/apache/tomcat/util/net/NioEndpoint.java.
    - CVE-2011-2526
  * SECURITY UPDATE: AJP request spoofing and authentication bypass
    (LP: #843701)
    - debian/patches/0017-CVE-2011-3190.patch: Properly handle request
      bodies in java/org/apache/coyote/ajp/AjpAprProcessor.java,
      java/org/apache/coyote/ajp/AjpProcessor.java.
    - CVE-2011-3190
  * SECURITY UPDATE: HTTP DIGEST authentication weaknesses
    - debian/patches/0018-CVE-2011-1184.patch: add new nonce options in
      java/org/apache/catalina/authenticator/DigestAuthenticator.java,
      java/org/apache/catalina/authenticator/LocalStrings.properties,
      java/org/apache/catalina/authenticator/mbeans-descriptors.xml,
      java/org/apache/catalina/realm/RealmBase.java,
      webapps/docs/config/valve.xml.
    - CVE-2011-1184
  * This package does _not_ contain the changes that were in
    6.0.28-2ubuntu1.3 in -proposed.

Date: Mon, 26 Sep 2011 11:48:20 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/tomcat6/6.0.28-2ubuntu1.5
-------------- next part --------------
Format: 1.8
Date: Mon, 26 Sep 2011 11:48:20 -0400
Source: tomcat6
Binary: tomcat6-common tomcat6 tomcat6-user libtomcat6-java libservlet2.5-java libservlet2.5-java-doc tomcat6-admin tomcat6-examples tomcat6-docs
Architecture: source
Version: 6.0.28-2ubuntu1.5
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libservlet2.5-java - Servlet 2.5 and JSP 2.1 Java API classes
 libservlet2.5-java-doc - Servlet 2.5 and JSP 2.1 Java API documentation
 libtomcat6-java - Servlet and JSP engine -- core libraries
 tomcat6    - Servlet and JSP engine
 tomcat6-admin - Servlet and JSP engine -- admin web applications
 tomcat6-common - Servlet and JSP engine -- common files
 tomcat6-docs - Servlet and JSP engine -- documentation
 tomcat6-examples - Servlet and JSP engine -- example web applications
 tomcat6-user - Servlet and JSP engine -- tools to create user instances
Launchpad-Bugs-Fixed: 843701
Changes: 
 tomcat6 (6.0.28-2ubuntu1.5) maverick-security; urgency=low
 .
   * SECURITY UPDATE: information disclosure via log file
     - debian/patches/0015-CVE-2011-2204.patch: fix logging in
       java/org/apache/catalina/mbeans/MemoryUserDatabaseMBean.java,
       java/org/apache/catalina/users/MemoryUserDatabase.java,
       java/org/apache/catalina/users/MemoryUser.java.
     - CVE-2011-2204
   * SECURITY UPDATE: file restriction bypass or denial of service via
     untrusted web application.
     - debian/patches/0016-CVE-2011-2526.patch: check canonical name in
       java/org/apache/catalina/connector/LocalStrings.properties,
       java/org/apache/catalina/connector/Request.java,
       java/org/apache/catalina/servlets/DefaultServlet.java,
       java/org/apache/coyote/http11/Http11AprProcessor.java,
       java/org/apache/coyote/http11/LocalStrings.properties,
       java/org/apache/tomcat/util/net/AprEndpoint.java,
       java/org/apache/tomcat/util/net/NioEndpoint.java.
     - CVE-2011-2526
   * SECURITY UPDATE: AJP request spoofing and authentication bypass
     (LP: #843701)
     - debian/patches/0017-CVE-2011-3190.patch: Properly handle request
       bodies in java/org/apache/coyote/ajp/AjpAprProcessor.java,
       java/org/apache/coyote/ajp/AjpProcessor.java.
     - CVE-2011-3190
   * SECURITY UPDATE: HTTP DIGEST authentication weaknesses
     - debian/patches/0018-CVE-2011-1184.patch: add new nonce options in
       java/org/apache/catalina/authenticator/DigestAuthenticator.java,
       java/org/apache/catalina/authenticator/LocalStrings.properties,
       java/org/apache/catalina/authenticator/mbeans-descriptors.xml,
       java/org/apache/catalina/realm/RealmBase.java,
       webapps/docs/config/valve.xml.
     - CVE-2011-1184
   * This package does _not_ contain the changes that were in
     6.0.28-2ubuntu1.3 in -proposed.
Checksums-Sha1: 
 4860fb0cc96f13cf7e3a15048e29fae9aeb8b778 2360 tomcat6_6.0.28-2ubuntu1.5.dsc
 0bd6ae955b08dc60190f283e800a8acc351dde25 49303 tomcat6_6.0.28-2ubuntu1.5.debian.tar.gz
Checksums-Sha256: 
 3c7d616679016cce425cd95f99a2ddeb2d06c33fd006401b57fa8b86ac6619fe 2360 tomcat6_6.0.28-2ubuntu1.5.dsc
 e4ed217712568e905c84dfa02bc2cc1dcf1a32c7ab56d40a104e12101b23e8c2 49303 tomcat6_6.0.28-2ubuntu1.5.debian.tar.gz
Files: 
 0fca1b05d93a799091f2a610c62b4b64 2360 java optional tomcat6_6.0.28-2ubuntu1.5.dsc
 2c2d38b58ffefb572626f4cc50da88af 49303 java optional tomcat6_6.0.28-2ubuntu1.5.debian.tar.gz
Original-Maintainer: Debian Java Maintainers <pkg-java-maintainers at lists.alioth.debian.org>

From foss at rolf.leggewie.biz  Tue Nov  8 23:24:00 2011
From: foss at rolf.leggewie.biz (Rolf Leggewie)
Date: Tue, 08 Nov 2011 23:24:00 -0000
Subject: [ubuntu/maverick-proposed] piuparts 0.38ubuntu3.10.10.1 (Accepted)
Message-ID: <20111108232400.7027.85127.launchpad@chaenomeles.canonical.com>

piuparts (0.38ubuntu3.10.10.1) maverick-proposed; urgency=low

  * set default keyring name to ubuntu-archive-keyring.gpg (LP: #807545)
    backported from oneiric

Date: Tue, 08 Nov 2011 12:04:52 +0000
Changed-By: Rolf Leggewie <foss at rolf.leggewie.biz>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Colin Watson <cjwatson at canonical.com>
https://launchpad.net/ubuntu/maverick/+source/piuparts/0.38ubuntu3.10.10.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 12:04:52 +0000
Source: piuparts
Binary: piuparts
Architecture: source
Version: 0.38ubuntu3.10.10.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Rolf Leggewie <foss at rolf.leggewie.biz>
Description: 
 piuparts   - .deb package installation, upgrading, and removal testing tool
Launchpad-Bugs-Fixed: 807545
Changes: 
 piuparts (0.38ubuntu3.10.10.1) maverick-proposed; urgency=low
 .
   * set default keyring name to ubuntu-archive-keyring.gpg (LP: #807545)
     backported from oneiric
Checksums-Sha1: 
 35624f3637a7b5ca32a166040f8d0095c97b4fa0 1915 piuparts_0.38ubuntu3.10.10.1.dsc
 2f97e1bbd13d790b024437f19f3f4b73a1dce133 82538 piuparts_0.38ubuntu3.10.10.1.tar.gz
Checksums-Sha256: 
 a5efd642623ed046a8d1a853073b5615826030349af384df040659f20350d97e 1915 piuparts_0.38ubuntu3.10.10.1.dsc
 04fd47df71f8c962907ab36c17115c426f799dcab67e033d326bbf4f06a27314 82538 piuparts_0.38ubuntu3.10.10.1.tar.gz
Files: 
 f6e9d172d63d238b565662e20d9aa1f7 1915 devel extra piuparts_0.38ubuntu3.10.10.1.dsc
 d4d2e2987b7a3da47f81fb42db7ac48e 82538 devel extra piuparts_0.38ubuntu3.10.10.1.tar.gz
Original-Maintainer: piuparts developers team <piuparts-devel at lists.alioth.debian.org>

From brian.thomason at canonical.com  Wed Nov  9 14:25:26 2011
From: brian.thomason at canonical.com (Brian Thomason)
Date: Wed, 09 Nov 2011 14:25:26 -0000
Subject: [ubuntu/maverick] acroread 9.4.6-0maverick1 (Accepted)
Message-ID: <20111109142526.21426.73602.launchpad@cocoplum.canonical.com>

acroread (9.4.6-0maverick1) maverick; urgency=low

  * Initial release of 9.4.6 for Maverick

Date: Wed, 09 Nov 2011 09:18:22 -0500
Changed-By: Brian Thomason <brian.thomason at canonical.com>
https://launchpad.net/ubuntu/maverick/+source/acroread/9.4.6-0maverick1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 09 Nov 2011 09:18:22 -0500
Source: acroread
Binary: acroread
Architecture: source
Version: 9.4.6-0maverick1
Distribution: maverick
Urgency: low
Maintainer: Brian Thomason <brian.thomason at canonical.com>
Changed-By: Brian Thomason <brian.thomason at canonical.com>
Description: 
 acroread   - Adobe Reader
Changes: 
 acroread (9.4.6-0maverick1) maverick; urgency=low
 .
   * Initial release of 9.4.6 for Maverick
Checksums-Sha1: 
 b44ec7d566466399d187adbcd7d1b7fe89776fa0 1214 acroread_9.4.6-0maverick1.dsc
 29e5ff19a9a329d81c9a2293b09ca498ef3ddabd 15346 acroread_9.4.6-0maverick1.diff.gz
Checksums-Sha256: 
 f7dda204ff2cf3f721df7e7e1a66666c397759a59562548911f5b1bdada0639f 1214 acroread_9.4.6-0maverick1.dsc
 d44ce04d36b13d239d15b95aae5983e6ad774101bcbcc4921b5c63c05e82979c 15346 acroread_9.4.6-0maverick1.diff.gz
Files: 
 d00f9402d1b3ec0bf384323babe6981f 1214 partner/text extra acroread_9.4.6-0maverick1.dsc
 5788f50bb34b92a45b9d858d52569298 15346 partner/text extra acroread_9.4.6-0maverick1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEUEARECAAYFAk66i8kACgkQOb4zNfJqN5ffjACVEXN3gU9WbXJrhWHLFooCeWaB
xgCdEGeAw6Z1Q9Kh8kyvzpYa5lZY7xI=
=V5zJ
-----END PGP SIGNATURE-----

From marc.deslauriers at ubuntu.com  Wed Nov  9 15:03:32 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Wed, 09 Nov 2011 15:03:32 -0000
Subject: [ubuntu/maverick-security] libmodplug 1:0.8.8.1-1ubuntu1.3 (Accepted)
Message-ID: <20111109150332.2322.13144.launchpad@cocoplum.canonical.com>

libmodplug (1:0.8.8.1-1ubuntu1.3) maverick-security; urgency=low

  * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
    - properly calculate length in src/load_wav.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
    - CVE-2011-2911
  * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
    - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
    - CVE-2011-2912
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2913
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
    - fix calculation in src/load_dsm.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
    - CVE-2011-2914
  * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
    - fix calculation in src/load_ams.cpp.
    - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
    - CVE-2011-2915

Date: Fri, 14 Oct 2011 13:43:02 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/libmodplug/1:0.8.8.1-1ubuntu1.3
-------------- next part --------------
Format: 1.8
Date: Fri, 14 Oct 2011 13:43:02 -0400
Source: libmodplug
Binary: libmodplug1 libmodplug-dev
Architecture: source
Version: 1:0.8.8.1-1ubuntu1.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libmodplug-dev - development files for mod music based on ModPlug
 libmodplug1 - shared libraries for mod music based on ModPlug
Changes: 
 libmodplug (1:0.8.8.1-1ubuntu1.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: integer overflow in CSoundFile::ReadWav()
     - properly calculate length in src/load_wav.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=2d4c56de314ab13e4437bd8b609f0b751066eee8
     - CVE-2011-2911
   * SECURITY UPDATE: boundary error in CSoundFile::ReadS3M()
     - validate offsets and ignore duplicate samples in src/load_s3m.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=4e5295658fff000379caa122e75c9200205fe20
     - CVE-2011-2912
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2913
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadDSM()
     - fix calculation in src/load_dsm.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef
     - CVE-2011-2914
   * SECURITY UPDATE: off-by-one in CSoundFile::ReadAMS2()
     - fix calculation in src/load_ams.cpp.
     - http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commit;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea
     - CVE-2011-2915
Checksums-Sha1: 
 360ddca4007609cf4231624df49d72fafb1dce2c 1801 libmodplug_0.8.8.1-1ubuntu1.3.dsc
 0ce29e6482b663ea5c177b9bd5afa5c469f5c029 15095 libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Checksums-Sha256: 
 4ca8351e30f9a280d414ab94edaf999ff24c065127775f8889b320e48bda8ac9 1801 libmodplug_0.8.8.1-1ubuntu1.3.dsc
 ac3040abfd26bf1b7fefb9417449426e54502c6b111297a5ead79e7be0605a01 15095 libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Files: 
 0e662a0aaa18280a0b5fd101334a1d47 1801 libs optional libmodplug_0.8.8.1-1ubuntu1.3.dsc
 205c1855d057db61d87430a5472255b7 15095 libs optional libmodplug_0.8.8.1-1ubuntu1.3.diff.gz
Original-Maintainer: Zed Pobre <zed at debian.org>

From jamie at ubuntu.com  Wed Nov  9 21:03:34 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Wed, 09 Nov 2011 21:03:34 -0000
Subject: [ubuntu/maverick-security] python-django-piston 0.2.2-1ubuntu0.2
	(Accepted)
Message-ID: <20111109210334.13278.83277.launchpad@cocoplum.canonical.com>

python-django-piston (0.2.2-1ubuntu0.2) maverick-security; urgency=low

  * SECURITY UPDATE: remote code execution vulnerability. LP: #884910
    - 02-fix-yaml-load.diff: use yaml.safe_load
    - 03-fix-pickle-load.diff: disable unpickling, backport from 0.2.3, patch
      thanks to Debian
    - https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/
    - Ubuntu patch thanks to Julian Taylor <jtaylor.debian at googlemail.com>
    - CVE-2011-4103

Date: Wed, 09 Nov 2011 10:04:28 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/python-django-piston/0.2.2-1ubuntu0.2
-------------- next part --------------
Format: 1.8
Date: Wed, 09 Nov 2011 10:04:28 -0600
Source: python-django-piston
Binary: python-django-piston
Architecture: source
Version: 0.2.2-1ubuntu0.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 python-django-piston - Django mini-framework creating RESTful APIs
Launchpad-Bugs-Fixed: 884910
Changes: 
 python-django-piston (0.2.2-1ubuntu0.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: remote code execution vulnerability. LP: #884910
     - 02-fix-yaml-load.diff: use yaml.safe_load
     - 03-fix-pickle-load.diff: disable unpickling, backport from 0.2.3, patch
       thanks to Debian
     - https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/
     - Ubuntu patch thanks to Julian Taylor <jtaylor.debian at googlemail.com>
     - CVE-2011-4103
Checksums-Sha1: 
 38d4f079e797a7f9913dad47c8063db8f9d5dbe7 2266 python-django-piston_0.2.2-1ubuntu0.2.dsc
 0255eee332a0131b36e2a25c2fef19d14e9e28e4 4839 python-django-piston_0.2.2-1ubuntu0.2.debian.tar.gz
Checksums-Sha256: 
 61813056fcb7a3affb2d01889c6ddff2a23c31a24cb5c762e9dd0ffd420c3f58 2266 python-django-piston_0.2.2-1ubuntu0.2.dsc
 a30480f4d1cc7a5916ccdaae4328fa466b887a01c5cf27885079a8b720940738 4839 python-django-piston_0.2.2-1ubuntu0.2.debian.tar.gz
Files: 
 b37bc16917dbc350e1bf1d6c5492e0bb 2266 python optional python-django-piston_0.2.2-1ubuntu0.2.dsc
 3355339510b4ea99fd956a295c042ffc 4839 python optional python-django-piston_0.2.2-1ubuntu0.2.debian.tar.gz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

From mattias.ellert at fysast.uu.se  Thu Nov 10 06:12:55 2011
From: mattias.ellert at fysast.uu.se (Mattias Ellert)
Date: Thu, 10 Nov 2011 06:12:55 -0000
Subject: [ubuntu/maverick-proposed] globus-gssapi-gsi 7.5-2ubuntu0.10.10.1
	(Accepted)
Message-ID: <20111110061255.7324.68662.launchpad@chaenomeles.canonical.com>

globus-gssapi-gsi (7.5-2ubuntu0.10.10.1) maverick-proposed; urgency=low

  * Rebuild for openssl >= 0.9.8m (LP: #703897)

Date: Thu, 13 Oct 2011 07:24:58 +0200
Changed-By: Mattias Ellert <mattias.ellert at fysast.uu.se>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/globus-gssapi-gsi/7.5-2ubuntu0.10.10.1
-------------- next part --------------
Format: 1.8
Date: Thu, 13 Oct 2011 07:24:58 +0200
Source: globus-gssapi-gsi
Binary: libglobus-gssapi-gsi4 libglobus-gssapi-gsi-dev libglobus-gssapi-gsi-doc globus-gssapi-gsi-dbg
Architecture: source
Version: 7.5-2ubuntu0.10.10.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Mattias Ellert <mattias.ellert at fysast.uu.se>
Description: 
 globus-gssapi-gsi-dbg - Globus Toolkit - GSSAPI library Debug Symbols
 libglobus-gssapi-gsi-dev - Globus Toolkit - GSSAPI library Development Files
 libglobus-gssapi-gsi-doc - Globus Toolkit - GSSAPI library Documentation Files
 libglobus-gssapi-gsi4 - Globus Toolkit - GSSAPI library
Launchpad-Bugs-Fixed: 703897
Changes: 
 globus-gssapi-gsi (7.5-2ubuntu0.10.10.1) maverick-proposed; urgency=low
 .
   * Rebuild for openssl >= 0.9.8m (LP: #703897)
Checksums-Sha1: 
 8f58d6fd1f427ce20ab6881e43131f8741ddd5bb 2636 globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.dsc
 e910c83776f310e07b7defb9d14453bc44932418 4592 globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.debian.tar.gz
Checksums-Sha256: 
 07eee55313a33566fa4a22ab502031005db79c06f6af2addb1825fc3700cce5c 2636 globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.dsc
 13faf87814967f735675e02d6b8732ced5682f9e8dcfd5acc6ed2ee2a8b5e981 4592 globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.debian.tar.gz
Files: 
 2e18e68a75f1433379413feb8bae6820 2636 net optional globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.dsc
 94faaf46f875ea10b1c0e55ca1776749 4592 net optional globus-gssapi-gsi_7.5-2ubuntu0.10.10.1.debian.tar.gz
Original-Maintainer: Mattias Ellert <mattias.ellert at fysast.uu.se>

From jean-louis at dupond.be  Thu Nov 10 06:13:07 2011
From: jean-louis at dupond.be (Jean-Louis Dupond)
Date: Thu, 10 Nov 2011 06:13:07 -0000
Subject: [ubuntu/maverick-proposed] papyon 0.5.1-0ubuntu2.1 (Accepted)
Message-ID: <20111110061307.7225.27866.launchpad@chaenomeles.canonical.com>

papyon (0.5.1-0ubuntu2.1) maverick-proposed; urgency=low

  * debian/patches/11_lp_887349.patch :
    - Fix login failure due to trying to interact to an obsolete
      server (LP: #887349).

Date: Tue, 08 Nov 2011 16:49:29 +0100
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Signed-By: Ken VanDine <ken.vandine at canonical.com>
https://launchpad.net/ubuntu/maverick/+source/papyon/0.5.1-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:49:29 +0100
Source: papyon
Binary: python-papyon
Architecture: source
Version: 0.5.1-0ubuntu2.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Description: 
 python-papyon - MSN client library written in Python
Launchpad-Bugs-Fixed: 887349
Changes: 
 papyon (0.5.1-0ubuntu2.1) maverick-proposed; urgency=low
 .
   * debian/patches/11_lp_887349.patch :
     - Fix login failure due to trying to interact to an obsolete
       server (LP: #887349).
Checksums-Sha1: 
 0ccef7795a2e68c9a66987de71c9c03f84bcc385 1485 papyon_0.5.1-0ubuntu2.1.dsc
 b1a2ffb4418b6e1804a14dfb8f75516efda448ce 4715 papyon_0.5.1-0ubuntu2.1.diff.gz
Checksums-Sha256: 
 92b4103a9eae9cd2dae89c7fbc2257df64749d981e4abfa4339eb6df480a7a03 1485 papyon_0.5.1-0ubuntu2.1.dsc
 eb1fd6175276d1c9c4d3249287368b67b8f2a9cdf20ab9cf998accf48f63da44 4715 papyon_0.5.1-0ubuntu2.1.diff.gz
Files: 
 f6e9907e4099e1a68d9e2732965891b5 1485 python optional papyon_0.5.1-0ubuntu2.1.dsc
 ae9a17b94d6158df70a203fdc8d0d36d 4715 python optional papyon_0.5.1-0ubuntu2.1.diff.gz

From marc.deslauriers at ubuntu.com  Thu Nov 10 17:03:36 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Thu, 10 Nov 2011 17:03:36 -0000
Subject: [ubuntu/maverick-security] radvd 1:1.6-1ubuntu0.1 (Accepted)
Message-ID: <20111110170336.3673.78815.launchpad@cocoplum.canonical.com>

radvd (1:1.6-1ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via interface name
    - debian/patches/CVE-2011-3602.patch: check for path traversal in
      device-linux.c.
    - CVE-2011-3602
  * SECURITY UPDATE: incorrect privilege dropping handling
    - debian/patches/CVE-2011-3603.patch: fail on errors in
      privsep-linux.c, radvd.c.
    - CVE-2011-3603
  * SECURITY UPDATE: denial or service via buffer overreads
    - debian/patches/CVE-2011-3604.patch: properly check length in
      process.c.
    - CVE-2011-3604
  * SECURITY UPDATE: temporary denial of service via delay
    - debian/patches/CVE-2011-3605.patch: remove delay in process.c.
    - CVE-2011-3605

Date: Wed, 12 Oct 2011 09:57:54 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/radvd/1:1.6-1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Wed, 12 Oct 2011 09:57:54 -0400
Source: radvd
Binary: radvd
Architecture: source
Version: 1:1.6-1ubuntu0.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 radvd      - Router Advertisement Daemon
Changes: 
 radvd (1:1.6-1ubuntu0.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary file overwrite via interface name
     - debian/patches/CVE-2011-3602.patch: check for path traversal in
       device-linux.c.
     - CVE-2011-3602
   * SECURITY UPDATE: incorrect privilege dropping handling
     - debian/patches/CVE-2011-3603.patch: fail on errors in
       privsep-linux.c, radvd.c.
     - CVE-2011-3603
   * SECURITY UPDATE: denial or service via buffer overreads
     - debian/patches/CVE-2011-3604.patch: properly check length in
       process.c.
     - CVE-2011-3604
   * SECURITY UPDATE: temporary denial of service via delay
     - debian/patches/CVE-2011-3605.patch: remove delay in process.c.
     - CVE-2011-3605
Checksums-Sha1: 
 9a983e82a8a1cb1ea888ab7f03037c26e68d3f5a 1697 radvd_1.6-1ubuntu0.1.dsc
 ad3e624185787635a828808cc19520a679476db5 9439 radvd_1.6-1ubuntu0.1.diff.gz
Checksums-Sha256: 
 1e399b00a3195ff9e3169d7f6a0afd15daf9911cc7226d85ef0791dbb457684f 1697 radvd_1.6-1ubuntu0.1.dsc
 e67143aaca708ae12b06ce9fb984034aa79fb2ba97a1c86c3328be6fc506a313 9439 radvd_1.6-1ubuntu0.1.diff.gz
Files: 
 92d341ea8c0499484741be83285cf81f 1697 net optional radvd_1.6-1ubuntu0.1.dsc
 eecd7234f7fcf4a15f635584e6f703ca 9439 net optional radvd_1.6-1ubuntu0.1.diff.gz
Original-Maintainer: Ghe Rivero <ghe at debian.org>

From jamie at ubuntu.com  Thu Nov 10 18:04:44 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Thu, 10 Nov 2011 18:04:44 -0000
Subject: [ubuntu/maverick-security]
	clamav_0.96.5+dfsg-1ubuntu1.10.10.3_powerpc_translations.tar.gz,
	clamav_0.96.5+dfsg-1ubuntu1.10.10.3_armel_translations.tar.gz, clamav, 
	clamav_0.96.5+dfsg-1ubuntu1.10.10.3_i386_translations.tar.gz,
	clamav_0.96.5+dfsg-1ubuntu1.10.10.3_amd64_translations.tar.gz
	0.96.5+dfsg-1ubuntu1.10.10.3 (Accepted)
Message-ID: <20111110180444.26059.81634.launchpad@cocoplum.canonical.com>

clamav (0.96.5+dfsg-1ubuntu1.10.10.3) maverick-security; urgency=low

  * SECURITY UPDATE: fix recursion level crash
    - libclamav/bytecode.c, libclamav/bytecode_api.c:adjust recursion level
      before and after calling cli_magic_scandesc()
    - http://git.clamav.net/gitweb?p=clamav-devel.git;a=patch;h=3d664817f6ef833a17414a4ecea42004c35cc42f
    - CVE-2011-3627

Date: Fri, 28 Oct 2011 08:49:16 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/clamav/0.96.5+dfsg-1ubuntu1.10.10.3
-------------- next part --------------
Format: 1.8
Date: Fri, 28 Oct 2011 08:49:16 -0500
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source
Version: 0.96.5+dfsg-1ubuntu1.10.10.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 clamav     - anti-virus utility for Unix - command-line interface
 clamav-base - anti-virus utility for Unix - base package
 clamav-daemon - anti-virus utility for Unix - scanner daemon
 clamav-dbg - debug symbols for ClamAV
 clamav-docs - anti-virus utility for Unix - documentation
 clamav-freshclam - anti-virus utility for Unix - virus database update utility
 clamav-milter - anti-virus utility for Unix - sendmail integration
 clamav-testfiles - anti-virus utility for Unix - test files
 libclamav-dev - anti-virus utility for Unix - development files
 libclamav6 - anti-virus utility for Unix - library
Changes: 
 clamav (0.96.5+dfsg-1ubuntu1.10.10.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: fix recursion level crash
     - libclamav/bytecode.c, libclamav/bytecode_api.c:adjust recursion level
       before and after calling cli_magic_scandesc()
     - http://git.clamav.net/gitweb?p=clamav-devel.git;a=patch;h=3d664817f6ef833a17414a4ecea42004c35cc42f
     - CVE-2011-3627
Checksums-Sha1: 
 60e24f70551664b9c8cb700e9fe4ebddddf25665 2316 clamav_0.96.5+dfsg-1ubuntu1.10.10.3.dsc
 1e174d04ca60a3aacf9ac5ad8b4540b7c4461726 291541 clamav_0.96.5+dfsg-1ubuntu1.10.10.3.diff.gz
Checksums-Sha256: 
 32bdfa77677cdc327fd2d30d8215cb89dccc52067374bcf73236e8cd0bfc45aa 2316 clamav_0.96.5+dfsg-1ubuntu1.10.10.3.dsc
 c3a429b9b9b4fa6f092f0c21d2f3f5ccf48b3d0daa986c77e025a0503653459e 291541 clamav_0.96.5+dfsg-1ubuntu1.10.10.3.diff.gz
Files: 
 129d6869a483ebf00305bc33f0191f4f 2316 utils optional clamav_0.96.5+dfsg-1ubuntu1.10.10.3.dsc
 73112ec8fb17bb81d28e8d2c0e01e544 291541 utils optional clamav_0.96.5+dfsg-1ubuntu1.10.10.3.diff.gz
Original-Maintainer: ClamAV Team <pkg-clamav-devel at lists.alioth.debian.org>

From sbeattie at ubuntu.com  Thu Nov 10 22:03:54 2011
From: sbeattie at ubuntu.com (Steve Beattie)
Date: Thu, 10 Nov 2011 22:03:54 -0000
Subject: [ubuntu/maverick-security] apache2 2.2.16-1ubuntu3.4 (Accepted)
Message-ID: <20111110220354.15026.84286.launchpad@cocoplum.canonical.com>

apache2 (2.2.16-1ubuntu3.4) maverick-security; urgency=low

  * SECURITY UPDATE: mod_proxy reverse proxy exposure (LP: #877740)
    - debian/patches/212_CVE-2011-3368.dpatch: return 400
      on invalid requests. (patch courtesy of Michael Jeanson)
    - debian/patches/214_CVE-2011-3368_part2.dpatch: fix same for http
      0.9 protocol
    - CVE-2011-3368
  * SECURITY UPDATE: mod_proxy_ajp denial of service (LP: #871674)
    - debian/patches/213_CVE-2011-3348.dpatch: return
      HTTP_NOT_IMPLEMENTED when AJP_EBAD_METHOD is requested
    - CVE-2011-3348
  * SECURITY UPDATE: mpm-itk failure to drop privileges in certain
    configurations
    - debian/mpm-itk/patches/11-CVE-2011-1176.patch: merge
      configurations correctly
    - CVE-2011-1176
  * Include additional fixes for regressions introduced by
    CVE-2011-3192 fixes
    - debian/patches/085_CVE-2011-3192_regression_part2.dpatch:
      take upstream fixes for byterange_filter.c through the 2.2.21
      release except for the added MaxRanges configuration option along
      with a fix staged for 2.2.22.

Date: Wed, 02 Nov 2011 17:23:07 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/apache2/2.2.16-1ubuntu3.4
-------------- next part --------------
Format: 1.8
Date: Wed, 02 Nov 2011 17:23:07 -0700
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source
Version: 2.2.16-1ubuntu3.4
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-itk - multiuser MPM for Apache 2.2
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Launchpad-Bugs-Fixed: 871674 877740
Changes: 
 apache2 (2.2.16-1ubuntu3.4) maverick-security; urgency=low
 .
   * SECURITY UPDATE: mod_proxy reverse proxy exposure (LP: #877740)
     - debian/patches/212_CVE-2011-3368.dpatch: return 400
       on invalid requests. (patch courtesy of Michael Jeanson)
     - debian/patches/214_CVE-2011-3368_part2.dpatch: fix same for http
       0.9 protocol
     - CVE-2011-3368
   * SECURITY UPDATE: mod_proxy_ajp denial of service (LP: #871674)
     - debian/patches/213_CVE-2011-3348.dpatch: return
       HTTP_NOT_IMPLEMENTED when AJP_EBAD_METHOD is requested
     - CVE-2011-3348
   * SECURITY UPDATE: mpm-itk failure to drop privileges in certain
     configurations
     - debian/mpm-itk/patches/11-CVE-2011-1176.patch: merge
       configurations correctly
     - CVE-2011-1176
   * Include additional fixes for regressions introduced by
     CVE-2011-3192 fixes
     - debian/patches/085_CVE-2011-3192_regression_part2.dpatch:
       take upstream fixes for byterange_filter.c through the 2.2.21
       release except for the added MaxRanges configuration option along
       with a fix staged for 2.2.22.
Checksums-Sha1: 
 bbe12bbf2fa656a8365f24ee5b0d1d72091025b2 2686 apache2_2.2.16-1ubuntu3.4.dsc
 79d5cf97b7bd57901ba312ab9f4266394c109f52 222629 apache2_2.2.16-1ubuntu3.4.diff.gz
Checksums-Sha256: 
 462b940fcb382c9c75b86d4140c86323718c5c68a5b16e33997c312f756341c9 2686 apache2_2.2.16-1ubuntu3.4.dsc
 6140f638debf20b00fc0d7ef65abbdbf4059efd2f736cccf659d0fe80e699e14 222629 apache2_2.2.16-1ubuntu3.4.diff.gz
Files: 
 fb07fe8147bf30fbcfa243cebfb72399 2686 httpd optional apache2_2.2.16-1ubuntu3.4.dsc
 6f8b956f238843da218f7b0c3b1446db 222629 httpd optional apache2_2.2.16-1ubuntu3.4.diff.gz
Original-Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
Original-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2
Original-Vcs-Svn: svn://svn.debian.org/pkg-apache/trunk/apache2

From brian.thomason at canonical.com  Thu Nov 10 22:10:20 2011
From: brian.thomason at canonical.com (Brian Thomason)
Date: Thu, 10 Nov 2011 22:10:20 -0000
Subject: [ubuntu/maverick] adobe-flashplugin 11.1.102.55-0maverick1 (Accepted)
Message-ID: <20111110221020.16808.4294.launchpad@cocoplum.canonical.com>

adobe-flashplugin (11.1.102.55-0maverick1) maverick; urgency=low

  * Initial release of 11.1.102.55 for Maverick

Date: Thu, 10 Nov 2011 16:43:51 -0500
Changed-By: Brian Thomason <brian.thomason at canonical.com>
Maintainer: DL-Flash Player Ubuntu <FlashPlayerUbuntu at adobe.com>
https://launchpad.net/ubuntu/maverick/+source/adobe-flashplugin/11.1.102.55-0maverick1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 10 Nov 2011 16:43:51 -0500
Source: adobe-flashplugin
Binary: adobe-flashplugin adobe-flash-properties-gtk adobe-flash-properties-kde
Architecture: source
Version: 11.1.102.55-0maverick1
Distribution: maverick
Urgency: low
Maintainer: DL-Flash Player Ubuntu <FlashPlayerUbuntu at adobe.com>
Changed-By: Brian Thomason <brian.thomason at canonical.com>
Description: 
 adobe-flash-properties-gtk - GTK+ control panel for Adobe Flash Player plugin version 11
 adobe-flash-properties-kde - KDE control panel Adobe Flash Player plugin version 11
 adobe-flashplugin - Adobe Flash Player plugin version 11
Changes: 
 adobe-flashplugin (11.1.102.55-0maverick1) maverick; urgency=low
 .
   * Initial release of 11.1.102.55 for Maverick
Checksums-Sha1: 
 855d599f57551414b4c029ea8fee20cce5204092 1279 adobe-flashplugin_11.1.102.55-0maverick1.dsc
 a585e50337814d6c976f82ca7b147fd0a9b0b803 4759 adobe-flashplugin_11.1.102.55-0maverick1.diff.gz
Checksums-Sha256: 
 2d877b1b1345f49a98b50cd7459c86487473edd07325c7e4f33d2313b5b42a4d 1279 adobe-flashplugin_11.1.102.55-0maverick1.dsc
 07bc7aead8728fba12a6e2b3e4c0b86bf7d35c706432965096fd5a1d893c647b 4759 adobe-flashplugin_11.1.102.55-0maverick1.diff.gz
Files: 
 e4e575eb9a0e6379129ee52e8d49c44e 1279 partner/web optional adobe-flashplugin_11.1.102.55-0maverick1.dsc
 094461da8ebe5584e1f776bb37e0fcbe 4759 partner/web optional adobe-flashplugin_11.1.102.55-0maverick1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk68Ra4ACgkQOb4zNfJqN5c/4wCgme8zGVBEOnzC1VcWuabhGALi
yOkAn0pRQGc0VEwewGMkk+T30fldvl9C
=GdWU
-----END PGP SIGNATURE-----

From marc.deslauriers at ubuntu.com  Fri Nov 11 18:03:44 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Fri, 11 Nov 2011 18:03:44 -0000
Subject: [ubuntu/maverick-security] flashplugin-nonfree,
	flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1_amd64_translations.tar.gz,
	flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1_i386_translations.tar.gz
	11.1.102.55ubuntu0.10.10.1 (Accepted)
Message-ID: <20111111180344.21598.24470.launchpad@cocoplum.canonical.com>

flashplugin-nonfree (11.1.102.55ubuntu0.10.10.1) maverick-security; urgency=low

  * New upstream release 11.1.102.55
    - debian/config, debian/postinst: Updated sha256sums and version.
    - CVE-2011-2445
    - CVE-2011-2450
    - CVE-2011-2451
    - CVE-2011-2452
    - CVE-2011-2453
    - CVE-2011-2454
    - CVE-2011-2455
    - CVE-2011-2456
    - CVE-2011-2457
    - CVE-2011-2458
    - CVE-2011-2459
    - CVE-2011-2460

Date: Fri, 11 Nov 2011 08:51:23 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/flashplugin-nonfree/11.1.102.55ubuntu0.10.10.1
-------------- next part --------------
Format: 1.8
Date: Fri, 11 Nov 2011 08:51:23 -0500
Source: flashplugin-nonfree
Binary: flashplugin-installer flashplugin-nonfree
Architecture: source
Version: 11.1.102.55ubuntu0.10.10.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 flashplugin-installer - Adobe Flash Player plugin installer
 flashplugin-nonfree - Adobe Flash Player plugin installer (transitional package)
Changes: 
 flashplugin-nonfree (11.1.102.55ubuntu0.10.10.1) maverick-security; urgency=low
 .
   * New upstream release 11.1.102.55
     - debian/config, debian/postinst: Updated sha256sums and version.
     - CVE-2011-2445
     - CVE-2011-2450
     - CVE-2011-2451
     - CVE-2011-2452
     - CVE-2011-2453
     - CVE-2011-2454
     - CVE-2011-2455
     - CVE-2011-2456
     - CVE-2011-2457
     - CVE-2011-2458
     - CVE-2011-2459
     - CVE-2011-2460
Checksums-Sha1: 
 bdc540af38bc303c9f7ee423a9780bd47ab9b79d 1639 flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.dsc
 180cdac6fa2974c5213befff3757d9fea579bae1 27760 flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.tar.gz
Checksums-Sha256: 
 4ff80b394e8bcab6d6fb0db00641bc612469f433ad2b7bad4b082b4a3063cb3e 1639 flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.dsc
 126b4dfd5e44a70143f8e6def8c17901f6ac77fa06385354f23d4bfed04309cc 27760 flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.tar.gz
Files: 
 f1e3e45a1fd772384f73fa23a4532e63 1639 contrib/web optional flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.dsc
 75bbf35413e41ed3b754636dea446431 27760 contrib/web optional flashplugin-nonfree_11.1.102.55ubuntu0.10.10.1.tar.gz
Original-Maintainer: Bart Martens <bartm at knars.be>

From jean-louis at dupond.be  Mon Nov 14 06:00:08 2011
From: jean-louis at dupond.be (Jean-Louis Dupond)
Date: Mon, 14 Nov 2011 06:00:08 -0000
Subject: [ubuntu/maverick-proposed] papyon 0.5.1-0ubuntu2.2 (Accepted)
Message-ID: <20111114060008.5522.1748.launchpad@wampee.canonical.com>

papyon (0.5.1-0ubuntu2.2) maverick-proposed; urgency=low

  * debian/patches/11_lp_887349.patch:
    - Allow HTTP redirection and use correct AB server. (LP: #887349)

Date: Thu, 10 Nov 2011 18:18:27 +0100
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Signed-By: Martin Pitt <martin.pitt at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/papyon/0.5.1-0ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Thu, 10 Nov 2011 18:18:27 +0100
Source: papyon
Binary: python-papyon
Architecture: source
Version: 0.5.1-0ubuntu2.2
Distribution: maverick-proposed
Urgency: low
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Description: 
 python-papyon - MSN client library written in Python
Launchpad-Bugs-Fixed: 887349
Changes: 
 papyon (0.5.1-0ubuntu2.2) maverick-proposed; urgency=low
 .
   * debian/patches/11_lp_887349.patch:
     - Allow HTTP redirection and use correct AB server. (LP: #887349)
Checksums-Sha1: 
 0a4d832289c804dd88443a7fa96dd7952d2a9c6b 2175 papyon_0.5.1-0ubuntu2.2.dsc
 d6e4b556a51c3a7316a1867841a68ebb18e74804 5340 papyon_0.5.1-0ubuntu2.2.diff.gz
Checksums-Sha256: 
 78d23e2e7e7cb3e7d23916e912b9f078a09de1e173cf9c0e053247ef45b16875 2175 papyon_0.5.1-0ubuntu2.2.dsc
 5dc10a2d5a57b64dc57e1555833b750344ef9986ccfb84ab465440c182d315b5 5340 papyon_0.5.1-0ubuntu2.2.diff.gz
Files: 
 117201846690b3ccb9702d800b2ec801 2175 python optional papyon_0.5.1-0ubuntu2.2.dsc
 b605056142b3fcf6109f36ded46e4807 5340 python optional papyon_0.5.1-0ubuntu2.2.diff.gz

From marc.deslauriers at ubuntu.com  Mon Nov 14 19:03:35 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 14 Nov 2011 19:03:35 -0000
Subject: [ubuntu/maverick-security] quagga,
	quagga_0.99.17-1ubuntu0.2_armel_translations.tar.gz,
	quagga_0.99.17-1ubuntu0.2_powerpc_translations.tar.gz,
	quagga_0.99.17-1ubuntu0.2_i386_translations.tar.gz,
	quagga_0.99.17-1ubuntu0.2_amd64_translations.tar.gz 0.99.17-1ubuntu0.2
	(Accepted)
Message-ID: <20111114190335.29949.79070.launchpad@cocoplum.canonical.com>

quagga (0.99.17-1ubuntu0.2) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via malformed Inter Area
    Prefix LSA
    - debian/patches/99_CVE-2011-3323.dpatch: check lengths in
      ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
      ospf6_message.c,ospf6_message.h,ospf6_proto.h}
    - CVE-2011-3323
  * SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
    - debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
      ospf6d/ospf6_lsa.c.
    - CVE-2011-3324
  * SECURITY UPDATE: denial of service via crafted Hello packet
    - debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
      ospfd/ospf_packet.c.
    - CVE-2011-3325
  * SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
    types
    - debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
      in ospfd/ospf_flood.c.
    - CVE-2011-3326
  * SECURITY UPDATE: arbitrary code execution via Extended Communities path
    attribute
    - debian/patches/99_CVE-2011-3327.dpatch: properly check size in
      bgpd/bgp_ecommunity.c.
    - CVE-2011-3327

Date: Fri, 07 Oct 2011 10:19:05 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/quagga/0.99.17-1ubuntu0.2
-------------- next part --------------
Format: 1.8
Date: Fri, 07 Oct 2011 10:19:05 -0400
Source: quagga
Binary: quagga quagga-doc
Architecture: source
Version: 0.99.17-1ubuntu0.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 quagga     - BGP/OSPF/RIP routing daemon
 quagga-doc - documentation files for quagga
Changes: 
 quagga (0.99.17-1ubuntu0.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via malformed Inter Area
     Prefix LSA
     - debian/patches/99_CVE-2011-3323.dpatch: check lengths in
       ospf6d/{ospf6_abr.h,ospf6_asbr.h,ospf6_intra.h,ospf6_lsa.h,
       ospf6_message.c,ospf6_message.h,ospf6_proto.h}
     - CVE-2011-3323
   * SECURITY UPDATE: denial of sevice via crafted Link-State-Advertisement
     - debian/patches/99_CVE-2011-3324.dpatch: change assert to warning in
       ospf6d/ospf6_lsa.c.
     - CVE-2011-3324
   * SECURITY UPDATE: denial of service via crafted Hello packet
     - debian/patches/99_CVE-2011-3325.dpatch: add extra checks to
       ospfd/ospf_packet.c.
     - CVE-2011-3325
   * SECURITY UPDATE: denial of service via unknown Link-State-Advertisements
     types
     - debian/patches/99_CVE-2011-3326.dpatch: exit if LSA type is unknown
       in ospfd/ospf_flood.c.
     - CVE-2011-3326
   * SECURITY UPDATE: arbitrary code execution via Extended Communities path
     attribute
     - debian/patches/99_CVE-2011-3327.dpatch: properly check size in
       bgpd/bgp_ecommunity.c.
     - CVE-2011-3327
Checksums-Sha1: 
 af900a0a8b8331c4b94a9f0e37849088022a428a 2052 quagga_0.99.17-1ubuntu0.2.dsc
 7fa04470e8966dab841c7248f3f90e276df08cf6 44652 quagga_0.99.17-1ubuntu0.2.diff.gz
Checksums-Sha256: 
 8b3646a8936a198ffa6028820edfe3112534e83ae3349b460741ec6f049e0c67 2052 quagga_0.99.17-1ubuntu0.2.dsc
 5832ce606c9cf0adbd9591cf9980c0dca01bc8ebf5ed3fd0f230b98415ca2cb4 44652 quagga_0.99.17-1ubuntu0.2.diff.gz
Files: 
 4b8cdc6067827d0906ab9c22eb93ef65 2052 net optional quagga_0.99.17-1ubuntu0.2.dsc
 ae67e204fa798cc9e3219ce0ff53b9e3 44652 net optional quagga_0.99.17-1ubuntu0.2.diff.gz
Original-Maintainer: Christian Hammers <ch at debian.org>

From stefanor at ubuntu.com  Tue Nov 15 06:09:00 2011
From: stefanor at ubuntu.com (Stefano Rivera)
Date: Tue, 15 Nov 2011 06:09:00 -0000
Subject: [ubuntu/maverick-proposed] dovecot-antispam
	1.2+20090702-1ubuntu0.10.10.1 (Accepted)
Message-ID: <20111115060900.15865.9680.launchpad@chaenomeles.canonical.com>

dovecot-antispam (1.2+20090702-1ubuntu0.10.10.1) maverick-proposed; urgency=low

  * No-change rebuild against newer dovecot (LP: #494162)

Date: Sun, 13 Nov 2011 23:45:01 +0200
Changed-By: Stefano Rivera <stefanor at ubuntu.com>
Maintainer: Ron Lee <ron at debian.org>
https://launchpad.net/ubuntu/maverick/+source/dovecot-antispam/1.2+20090702-1ubuntu0.10.10.1
-------------- next part --------------
Format: 1.8
Date: Sun, 13 Nov 2011 23:45:01 +0200
Source: dovecot-antispam
Binary: dovecot-antispam
Architecture: source
Version: 1.2+20090702-1ubuntu0.10.10.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Ron Lee <ron at debian.org>
Changed-By: Stefano Rivera <stefanor at ubuntu.com>
Description: 
 dovecot-antispam - a Dovecot plugin that helps train spam filters
Launchpad-Bugs-Fixed: 494162
Changes: 
 dovecot-antispam (1.2+20090702-1ubuntu0.10.10.1) maverick-proposed; urgency=low
 .
   * No-change rebuild against newer dovecot (LP: #494162)
Checksums-Sha1: 
 b5e9427519ab95c212f3f7e3cfb3b0efa69a9b02 2024 dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.dsc
 69efd78cbaf69f0e7aeb0a9162e7b0f2ada128d3 3421 dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.diff.gz
Checksums-Sha256: 
 fe721bf2bd8831651bae59269962d25760cfe425fc4b2a34d4cc41006eb48cbd 2024 dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.dsc
 00bdce8a307b3ee0bc4393ecf4045e9836482617ee624d37c9c78e761f475d44 3421 dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.diff.gz
Files: 
 668d31c8f97e625b53ee9d057e8c5ece 2024 mail optional dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.dsc
 cfa19ee3d9157e30451a128df3b65dfc 3421 mail optional dovecot-antispam_1.2+20090702-1ubuntu0.10.10.1.diff.gz

From jriddell at ubuntu.com  Tue Nov 15 06:10:08 2011
From: jriddell at ubuntu.com (Jonathan Riddell)
Date: Tue, 15 Nov 2011 06:10:08 -0000
Subject: [ubuntu/maverick-proposed] libmsn 4.1-1.2ubuntu1.1 (Accepted)
Message-ID: <20111115061008.16797.48896.launchpad@chaenomeles.canonical.com>

libmsn (4.1-1.2ubuntu1.1) maverick-proposed; urgency=low

  * Add kubuntu_01_msn_update.diff from upstream to fix connection to MSN
    LP: #887104

Date: Thu, 10 Nov 2011 22:12:22 +0000
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Maintainer: Pau Garcia i Quiles <pgquiles at elpauer.org>
https://launchpad.net/ubuntu/maverick/+source/libmsn/4.1-1.2ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Thu, 10 Nov 2011 22:12:22 +0000
Source: libmsn
Binary: libmsn0.3 libmsn0.3-dbg libmsn-dev
Architecture: source
Version: 4.1-1.2ubuntu1.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Pau Garcia i Quiles <pgquiles at elpauer.org>
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Description: 
 libmsn-dev - high-level C++ library for MSN Messenger [devel]
 libmsn0.3  - high-level C++ library for MSN Messenger [runtime]
 libmsn0.3-dbg - high-level C++ library for MSN Messenger [debug]
Launchpad-Bugs-Fixed: 887104
Changes: 
 libmsn (4.1-1.2ubuntu1.1) maverick-proposed; urgency=low
 .
   * Add kubuntu_01_msn_update.diff from upstream to fix connection to MSN
     LP: #887104
Checksums-Sha1: 
 8c05d090a0fb11c3499e66ed5e23dec084dbd581 1068 libmsn_4.1-1.2ubuntu1.1.dsc
 d022fb437fbbe42d630408cd12aa69a567ebd990 8768 libmsn_4.1-1.2ubuntu1.1.diff.gz
Checksums-Sha256: 
 d789b5d87c2725cbc2ae84a41fb00266d0bab2d6d2c85348d7b8dd33e75e8767 1068 libmsn_4.1-1.2ubuntu1.1.dsc
 1323df68350a501e130191b9e52d7fa317f33cc27911758abf3e879e3a95127f 8768 libmsn_4.1-1.2ubuntu1.1.diff.gz
Files: 
 2b60d37661840498ac08c3ef6ebbe61b 1068 libs optional libmsn_4.1-1.2ubuntu1.1.dsc
 d0875764954aa58b2112c0eca8a4d522 8768 libs optional libmsn_4.1-1.2ubuntu1.1.diff.gz

From serge.hallyn at ubuntu.com  Tue Nov 15 06:10:29 2011
From: serge.hallyn at ubuntu.com (Serge Hallyn)
Date: Tue, 15 Nov 2011 06:10:29 -0000
Subject: [ubuntu/maverick-proposed] libvirt 0.8.3-1ubuntu19.3 (Accepted)
Message-ID: <20111115061029.3084.28637.launchpad@gac.canonical.com>

libvirt (0.8.3-1ubuntu19.3) maverick-proposed; urgency=low

  * lxc_controller: use our own unlocpt+grantpt rather than glibc's, which
    can't handle opening a pty in a devpts not mounted at /dev/pts.
    (LP: #863629)

Date: Tue, 01 Nov 2011 18:03:04 +0000
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/libvirt/0.8.3-1ubuntu19.3
-------------- next part --------------
Format: 1.8
Date: Tue, 01 Nov 2011 18:03:04 +0000
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt
Architecture: source
Version: 0.8.3-1ubuntu19.3
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Description: 
 libvirt-bin - the programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
 python-libvirt - libvirt Python bindings
Launchpad-Bugs-Fixed: 863629
Changes: 
 libvirt (0.8.3-1ubuntu19.3) maverick-proposed; urgency=low
 .
   * lxc_controller: use our own unlocpt+grantpt rather than glibc's, which
     can't handle opening a pty in a devpts not mounted at /dev/pts.
     (LP: #863629)
Checksums-Sha1: 
 e2e6bebfb08d679fd3dbacf384a72f558846b0b6 2321 libvirt_0.8.3-1ubuntu19.3.dsc
 852502cce41baf3aaa0fe408ce324b35a695f1d7 75344 libvirt_0.8.3-1ubuntu19.3.debian.tar.gz
Checksums-Sha256: 
 511c3af99418d23a7539ecd1be7aa5f86a90fbbe5df70721414292c4e3282d87 2321 libvirt_0.8.3-1ubuntu19.3.dsc
 33a105fa5d2838f99273f560c45849d6555ecf609bfe4638a652b59d72616e6a 75344 libvirt_0.8.3-1ubuntu19.3.debian.tar.gz
Files: 
 5145f6814b644572f0b130b270fc5334 2321 libs optional libvirt_0.8.3-1ubuntu19.3.dsc
 0244068c37d913ffb8b01f40e606763c 75344 libs optional libvirt_0.8.3-1ubuntu19.3.debian.tar.gz
Original-Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers at lists.alioth.debian.org>

From tim.gardner at canonical.com  Tue Nov 15 06:11:21 2011
From: tim.gardner at canonical.com (Tim Gardner)
Date: Tue, 15 Nov 2011 06:11:21 -0000
Subject: [ubuntu/maverick-proposed] linux-firmware 1.38.10 (Accepted)
Message-ID: <20111115061121.16070.78862.launchpad@chaenomeles.canonical.com>

linux-firmware (1.38.10) maverick-proposed; urgency=low

  * ath3k-fw: Fix EEPROM radio table issue.
    LP: #882685

linux-firmware (1.38.9) maverick-proposed; urgency=low

  * Added firmware files to support compat-wireless
    linux-firmware: add new firmware for RTL8168E-VL
    linux-firmware: update firmware for RTL8111E
    linux-firmware: Add firmware for RTL8168/8111E
    linux-firmware: Add firmware for RTL8105E
    rtl_nic: Add firmware for RTL8111D(L)
    -LP: #804671

linux-firmware (1.38.8) maverick-proposed; urgency=low

  * Added carl9170.fw for Atheros wireless AR9170 based devices.
    -LP: #713987

linux-firmware (1.38.7) maverick-proposed; urgency=low

  * Added iwlwifi-1000-5.ucode
    -LP: #752829

Date: Fri, 28 Oct 2011 09:50:12 -0600
Changed-By: Tim Gardner <tim.gardner at canonical.com>
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/linux-firmware/1.38.10
-------------- next part --------------
Format: 1.8
Date: Fri, 28 Oct 2011 09:50:12 -0600
Source: linux-firmware
Binary: linux-firmware nic-firmware scsi-firmware
Architecture: source
Version: 1.38.10
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Kernel Team <kernel-team at lists.ubuntu.com>
Changed-By: Tim Gardner <tim.gardner at canonical.com>
Description: 
 linux-firmware - Firmware for Linux kernel drivers
 nic-firmware - Firmware for NICs (udeb)
 scsi-firmware - Firmware for SCSI controllers (udeb)
Launchpad-Bugs-Fixed: 713987 752829 804671 882685
Changes: 
 linux-firmware (1.38.10) maverick-proposed; urgency=low
 .
   * ath3k-fw: Fix EEPROM radio table issue.
     LP: #882685
 .
 linux-firmware (1.38.9) maverick-proposed; urgency=low
 .
   * Added firmware files to support compat-wireless
     linux-firmware: add new firmware for RTL8168E-VL
     linux-firmware: update firmware for RTL8111E
     linux-firmware: Add firmware for RTL8168/8111E
     linux-firmware: Add firmware for RTL8105E
     rtl_nic: Add firmware for RTL8111D(L)
     -LP: #804671
 .
 linux-firmware (1.38.8) maverick-proposed; urgency=low
 .
   * Added carl9170.fw for Atheros wireless AR9170 based devices.
     -LP: #713987
 .
 linux-firmware (1.38.7) maverick-proposed; urgency=low
 .
   * Added iwlwifi-1000-5.ucode
     -LP: #752829
Checksums-Sha1: 
 1ad1737e0533b68a2610486b53c0224f4f247157 1505 linux-firmware_1.38.10.dsc
 b5029698668d2f526d2f94228cd875d2ad59194b 13418693 linux-firmware_1.38.10.tar.gz
Checksums-Sha256: 
 7cd53bef15ae792d76e0a68ebca7fd8da49cf5fa8ce4337c19ee743c039d1a9a 1505 linux-firmware_1.38.10.dsc
 cc5e51f4466cba0d8165377e54efc238a6213f5b737328e98ca4304a37128c00 13418693 linux-firmware_1.38.10.tar.gz
Files: 
 60d5c3211958ea661ccc0008fb5f14c3 1505 misc optional linux-firmware_1.38.10.dsc
 5950d24c568765d6ef6618343e45a931 13418693 misc optional linux-firmware_1.38.10.tar.gz

From melissa at catalyst.net.nz  Wed Nov 16 00:08:38 2011
From: melissa at catalyst.net.nz (Melissa Draper)
Date: Wed, 16 Nov 2011 00:08:38 -0000
Subject: [ubuntu/maverick-security] mahara,
	mahara_1.2.5-2ubuntu0.3_i386_translations.tar.gz 1.2.5-2ubuntu0.3
	(Accepted)
Message-ID: <20111116000838.20383.53135.launchpad@cocoplum.canonical.com>

mahara (1.2.5-2ubuntu0.3) maverick-security; urgency=low

  * SECURITY UPDATE: XSS in unvalidated URI attributes
    - Added a filter to sanitise user input urls (LP: #888358)
    - debian/patches/CVE-2011-2771.patch: upstream patch
    - CVE-2011-2771

  * SECURITY UPDATE: DoS attack via invalid or excessively large images
    - Added a check to evaluate available memory before processing
      (LP: #888358)
    - debian/patches/CVE-2011-2772.patch: upstream patch
    - CVE-2011-2772

  * SECURITY UPDATE: XSRF allowing attackers to trick an admin into adding
    them to an institution
    - Session check added (LP: #888358)
    - debian/patches/CVE-2011-2773.patch: upstream patch
    - CVE-2011-2773

  * SECURITY UPDATE: Prevent masquerading users from jumping as others
    - Added a check to prevent jumping as other users. (LP: #888358)
    - debian/patches/mnet_masquerading.patch: upstream patch

Date: Tue, 08 Nov 2011 18:59:14 +1300
Changed-By: Melissa Draper <melissa at catalyst.net.nz>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/mahara/1.2.5-2ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 18:59:14 +1300
Source: mahara
Binary: mahara mahara-apache2
Architecture: source
Version: 1.2.5-2ubuntu0.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Melissa Draper <melissa at catalyst.net.nz>
Description: 
 mahara     - Electronic portfolio, weblog, and resume builder
 mahara-apache2 - Electronic portfolio, weblog, and resume builder - apache2 config
Launchpad-Bugs-Fixed: 888358
Changes: 
 mahara (1.2.5-2ubuntu0.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: XSS in unvalidated URI attributes
     - Added a filter to sanitise user input urls (LP: #888358)
     - debian/patches/CVE-2011-2771.patch: upstream patch
     - CVE-2011-2771
 .
   * SECURITY UPDATE: DoS attack via invalid or excessively large images
     - Added a check to evaluate available memory before processing
       (LP: #888358)
     - debian/patches/CVE-2011-2772.patch: upstream patch
     - CVE-2011-2772
 .
   * SECURITY UPDATE: XSRF allowing attackers to trick an admin into adding
     them to an institution
     - Session check added (LP: #888358)
     - debian/patches/CVE-2011-2773.patch: upstream patch
     - CVE-2011-2773
 .
   * SECURITY UPDATE: Prevent masquerading users from jumping as others
     - Added a check to prevent jumping as other users. (LP: #888358)
     - debian/patches/mnet_masquerading.patch: upstream patch
Checksums-Sha1: 
 f7f75998ffd4254085de1a08fa6dd4773ee9e7ca 2021 mahara_1.2.5-2ubuntu0.3.dsc
 ceed8ef28c83b57be311adad7ea50f64c801dbc8 28563 mahara_1.2.5-2ubuntu0.3.debian.tar.gz
Checksums-Sha256: 
 67b419154b2e1772f96f5ee39ff3a2d3649ec11941c99a7aacc122dd84a8fa83 2021 mahara_1.2.5-2ubuntu0.3.dsc
 a3df6822600621aa6acd31b4be75e165edf2fefddd2b5c56ed2ed8ff015cbc2d 28563 mahara_1.2.5-2ubuntu0.3.debian.tar.gz
Files: 
 7950654850cf2f3112f15211aabf5868 2021 web optional mahara_1.2.5-2ubuntu0.3.dsc
 0510d8f5a49e4ea1dec18f15807980a7 28563 web optional mahara_1.2.5-2ubuntu0.3.debian.tar.gz
Original-Maintainer: Mahara Packaging Team <mahara-packaging at lists.launchpad.net>

From sbeattie at ubuntu.com  Wed Nov 16 00:08:52 2011
From: sbeattie at ubuntu.com (Steve Beattie)
Date: Wed, 16 Nov 2011 00:08:52 -0000
Subject: [ubuntu/maverick-security] openjdk-6 6b20-1.9.10-0ubuntu1~10.10.2
	(Accepted)
Message-ID: <20111116000852.20383.62429.launchpad@cocoplum.canonical.com>

openjdk-6 (6b20-1.9.10-0ubuntu1~10.10.2) maverick-security; urgency=low

  * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
    - debian/patches/SOP-bypass-icedtea6-1.9.patch: Remove special
      case for SocketPermission.
    - CVE-2011-3377
    - Applied inline due to needing to apply patches only once for netx,
      not for every vm

openjdk-6 (6b20-1.9.10-0ubuntu1~10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.9.10 Release:
    - Security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak.
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
      - S7032417, CVE-2011-3552: excessive default UDP socket limit under
        SecurityManager.
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
      - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
        engine.
      - S7055902, CVE-2011-3521: IIOP deserialization code execution.
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
        error checks.
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
        against SSL/TLS (BEAST).
      - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
        PorterStemmer.
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution.
      - S7083012, CVE-2011-3557: RMI registry privileged code execution.
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection.

Date: Tue, 08 Nov 2011 12:24:08 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/openjdk-6/6b20-1.9.10-0ubuntu1~10.10.2
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 12:24:08 -0800
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea6-plugin icedtea-6-jre-cacao openjdk-6-jre-zero
Architecture: source
Version: 6b20-1.9.10-0ubuntu1~10.10.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-doc - OpenJDK Development Kit (JDK) documentation
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
 openjdk-6-source - OpenJDK Development Kit (JDK) source files
Changes: 
 openjdk-6 (6b20-1.9.10-0ubuntu1~10.10.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
     - debian/patches/SOP-bypass-icedtea6-1.9.patch: Remove special
       case for SocketPermission.
     - CVE-2011-3377
     - Applied inline due to needing to apply patches only once for netx,
       not for every vm
 .
 openjdk-6 (6b20-1.9.10-0ubuntu1~10.10.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: IcedTea6 1.9.10 Release:
     - Security fixes:
       - S7000600, CVE-2011-3547: InputStream skip() information leak.
       - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor.
       - S7023640, CVE-2011-3551: Java2D TransformHelper integer overflow.
       - S7032417, CVE-2011-3552: excessive default UDP socket limit under
         SecurityManager.
       - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak.
       - S7046823, CVE-2011-3544: missing SecurityManager checks in scripting
         engine.
       - S7055902, CVE-2011-3521: IIOP deserialization code execution.
       - S7057857, CVE-2011-3554: insufficient pack200 JAR files uncompress
         error checks.
       - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack
         against SSL/TLS (BEAST).
       - S7070134, CVE-2011-3558: HotSpot crashes with sigsegv from
         PorterStemmer.
       - S7077466, CVE-2011-3556: RMI DGC server remote code execution.
       - S7083012, CVE-2011-3557: RMI registry privileged code execution.
       - S7096936, CVE-2011-3560: missing checkSetFactory calls in
         HttpsURLConnection.
Checksums-Sha1: 
 fbc458c8edf80fccfeac9573f40edb0e629ba395 3122 openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.dsc
 c529af1c4c8c2042cd83d191f39f03281a2386de 138883 openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.diff.gz
Checksums-Sha256: 
 3a769979c0286fc368482d6e749aa5071d5d490ce1beba7c6a03c1a517346067 3122 openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.dsc
 fa990cf0982aa7b5c0986e317d8d2d5245c2ff04637e0ae93f2bd3e8d7f76f6d 138883 openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.diff.gz
Files: 
 22795a87f555924472147d0ea69b7938 3122 java optional openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.dsc
 5eeaa5e60c6d9bb1ae3c37e114c13919 138883 java optional openjdk-6_6b20-1.9.10-0ubuntu1~10.10.2.diff.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

From sbeattie at ubuntu.com  Wed Nov 16 00:10:06 2011
From: sbeattie at ubuntu.com (Steve Beattie)
Date: Wed, 16 Nov 2011 00:10:06 -0000
Subject: [ubuntu/maverick-security] openjdk-6b18 6b18-1.8.10-0ubuntu1~10.10.2
	(Accepted)
Message-ID: <20111116001006.20383.94480.launchpad@cocoplum.canonical.com>

openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.10.2) maverick-security; urgency=low

  * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
    - debian/patches/SOP-bypass-icedtea6-1.8.patch: Remove special
      case for SocketPermission.
    - CVE-2011-3377
    - Applied inline due to needing to apply patches only once for netx,
      not for every vm build.

openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
    - security fixes:
      - S7000600, CVE-2011-3547: InputStream skip() information leak
      - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
      - S7023640, CVE-2011-3551: Java2D TransformHelper integer
        overflow
      - S7032417, CVE-2011-3552: excessive default UDP socket limit
        under SecurityManager
      - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
      - S7046823, CVE-2011-3544: missing SecurityManager checks in
        scripting engine
      - S7055902, CVE-2011-3521: IIOP deserialization code execution
      - S7057857, CVE-2011-3554: insufficient pack200 JAR files
        uncompress error checks
      - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
        attack against SSL/TLS (BEAST)
      - S7077466, CVE-2011-3556: RMI DGC server remote code execution
      - S7083012, CVE-2011-3557: RMI registry privileged code execution
      - S7096936, CVE-2011-3560: missing checkSetFactory calls in
        HttpsURLConnection
    - unapplied previous updates inline changes as they were
      incorporated upstream; remaining changes in Makefile.{in,am} and
      ports/hotspot/make/linux/makefiles/zeroshark.make

Date: Tue, 08 Nov 2011 02:44:14 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/openjdk-6b18/6b18-1.8.10-0ubuntu1~10.10.2
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 02:44:14 -0800
Source: openjdk-6b18
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-demo openjdk-6-dbg icedtea6-plugin icedtea-6-jre-cacao openjdk-6-jre-zero
Architecture: source
Version: 6b18-1.8.10-0ubuntu1~10.10.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-jre-cacao - Alternative JVM for OpenJDK, using Cacao
 icedtea6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols)
 openjdk-6-demo - Java runtime based on OpenJDK (demos and examples)
 openjdk-6-jdk - OpenJDK Development Kit (JDK)
 openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name}
 openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless)
 openjdk-6-jre-zero - Alternative JVM for OpenJDK, using Zero/Shark
Launchpad-Bugs-Fixed: 878684
Changes: 
 openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.10.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: Same Origin Policy (SOP) bypass flaw
     - debian/patches/SOP-bypass-icedtea6-1.8.patch: Remove special
       case for SocketPermission.
     - CVE-2011-3377
     - Applied inline due to needing to apply patches only once for netx,
       not for every vm build.
 .
 openjdk-6b18 (6b18-1.8.10-0ubuntu1~10.10.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: IcedTea6 1.8.10 release (LP: #878684)
     - security fixes:
       - S7000600, CVE-2011-3547: InputStream skip() information leak
       - S7019773, CVE-2011-3548: mutable static AWTKeyStroke.ctor
       - S7023640, CVE-2011-3551: Java2D TransformHelper integer
         overflow
       - S7032417, CVE-2011-3552: excessive default UDP socket limit
         under SecurityManager
       - S7046794, CVE-2011-3553: JAX-WS stack-traces information leak
       - S7046823, CVE-2011-3544: missing SecurityManager checks in
         scripting engine
       - S7055902, CVE-2011-3521: IIOP deserialization code execution
       - S7057857, CVE-2011-3554: insufficient pack200 JAR files
         uncompress error checks
       - S7064341, CVE-2011-3389: HTTPS: block-wise chosen-plaintext
         attack against SSL/TLS (BEAST)
       - S7077466, CVE-2011-3556: RMI DGC server remote code execution
       - S7083012, CVE-2011-3557: RMI registry privileged code execution
       - S7096936, CVE-2011-3560: missing checkSetFactory calls in
         HttpsURLConnection
     - unapplied previous updates inline changes as they were
       incorporated upstream; remaining changes in Makefile.{in,am} and
       ports/hotspot/make/linux/makefiles/zeroshark.make
Checksums-Sha1: 
 25e7e5f89478d4508ad494b889700209a73a2ed1 3125 openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.dsc
 07bf5636544ed9a1d61455d6229045cd63deed4f 141597 openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.diff.gz
Checksums-Sha256: 
 c4f1e01b5320a4f1bd22df28a427ebf57759be355c7b4746acf2abf6a9b751aa 3125 openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.dsc
 c6093f8c40de73ede6b34a53276e0f566a39481acee28aa39541b9f1ee565a37 141597 openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.diff.gz
Files: 
 646936d4b1359ed9bc0ec86a6571a32d 3125 java optional openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.dsc
 e57399ae482cbcb0d15efe0195520584 141597 java optional openjdk-6b18_6b18-1.8.10-0ubuntu1~10.10.2.diff.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

From sbeattie at ubuntu.com  Wed Nov 16 06:03:30 2011
From: sbeattie at ubuntu.com (Steve Beattie)
Date: Wed, 16 Nov 2011 06:03:30 -0000
Subject: [ubuntu/maverick-security] musica 2.5-0ubuntu1.2 (Accepted)
Message-ID: <20111116060330.30663.34919.launchpad@cocoplum.canonical.com>

musica (2.5-0ubuntu1.2) maverick-security; urgency=low

  * SECURITY UPDATE: information disclosure (LP: #888218)
    - debian/cron.hourly: bail out if the expected directory doesn't
      exist yet instead of indexing from the root of the filesystem
    - patch thanks to Dustin Kirkland, musica upstream.

Date: Tue, 15 Nov 2011 00:21:59 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Dustin Kirkland <kirkland at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/musica/2.5-0ubuntu1.2
-------------- next part --------------
Format: 1.8
Date: Tue, 15 Nov 2011 00:21:59 -0800
Source: musica
Binary: musica
Architecture: source
Version: 2.5-0ubuntu1.2
Distribution: maverick-security
Urgency: low
Maintainer: Dustin Kirkland <kirkland at ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 musica     - a web application for browsing and listening to your music
Launchpad-Bugs-Fixed: 888218
Changes: 
 musica (2.5-0ubuntu1.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: information disclosure (LP: #888218)
     - debian/cron.hourly: bail out if the expected directory doesn't
       exist yet instead of indexing from the root of the filesystem
     - patch thanks to Dustin Kirkland, musica upstream.
Checksums-Sha1: 
 d1a72e926e93f949bbd9a47b6a5004f149599ef2 1706 musica_2.5-0ubuntu1.2.dsc
 8b0427c9f71e3e4bbda6ca7323b56fa2f36fe955 4463 musica_2.5-0ubuntu1.2.diff.gz
Checksums-Sha256: 
 38830ccf860ab7d5e97d506da0e802a2c97994e1bb52bf50631969c255d2d25d 1706 musica_2.5-0ubuntu1.2.dsc
 74d69bb52fb0c70c44b697d83c1e21425fb6c0eec9e7590e8737216ae3e5d6cd 4463 musica_2.5-0ubuntu1.2.diff.gz
Files: 
 34d598e6916e7f14e97d29380517ec21 1706 web optional musica_2.5-0ubuntu1.2.dsc
 0b99312034c42249de55ba83c2d2b397 4463 web optional musica_2.5-0ubuntu1.2.diff.gz

From serge.hallyn at ubuntu.com  Wed Nov 16 06:09:44 2011
From: serge.hallyn at ubuntu.com (Serge Hallyn)
Date: Wed, 16 Nov 2011 06:09:44 -0000
Subject: [ubuntu/maverick-proposed] libvirt 0.8.3-1ubuntu19.4 (Accepted)
Message-ID: <20111116060944.4188.81547.launchpad@gac.canonical.com>

libvirt (0.8.3-1ubuntu19.4) maverick-proposed; urgency=low

  * New version of debian/patches/lxc-use-own-ptyfns.patch.  Previous version
    failed to build.

libvirt (0.8.3-1ubuntu19.3) maverick-proposed; urgency=low

  * lxc_controller: use our own unlocpt+grantpt rather than glibc's, which
    can't handle opening a pty in a devpts not mounted at /dev/pts.
    (LP: #863629)

Date: Tue, 15 Nov 2011 08:06:57 -0600
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/libvirt/0.8.3-1ubuntu19.4
-------------- next part --------------
Format: 1.8
Date: Tue, 15 Nov 2011 08:06:57 -0600
Source: libvirt
Binary: libvirt-bin libvirt0 libvirt0-dbg libvirt-doc libvirt-dev python-libvirt
Architecture: source
Version: 0.8.3-1ubuntu19.4
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Serge Hallyn <serge.hallyn at ubuntu.com>
Description: 
 libvirt-bin - the programs for the libvirt library
 libvirt-dev - development files for the libvirt library
 libvirt-doc - documentation for the libvirt library
 libvirt0   - library for interfacing with different virtualization systems
 libvirt0-dbg - library for interfacing with different virtualization systems
 python-libvirt - libvirt Python bindings
Launchpad-Bugs-Fixed: 863629
Changes: 
 libvirt (0.8.3-1ubuntu19.4) maverick-proposed; urgency=low
 .
   * New version of debian/patches/lxc-use-own-ptyfns.patch.  Previous version
     failed to build.
 .
 libvirt (0.8.3-1ubuntu19.3) maverick-proposed; urgency=low
 .
   * lxc_controller: use our own unlocpt+grantpt rather than glibc's, which
     can't handle opening a pty in a devpts not mounted at /dev/pts.
     (LP: #863629)
Checksums-Sha1: 
 1bb81d17899011701629cbfb596724a87af38b5f 2321 libvirt_0.8.3-1ubuntu19.4.dsc
 e96690b4e23d88e424e4fc091564413c7bda0d63 74892 libvirt_0.8.3-1ubuntu19.4.debian.tar.gz
Checksums-Sha256: 
 61481fb3c5b38638e7a57aab2fb74aaa0741899036a814291ede0fff9b89de13 2321 libvirt_0.8.3-1ubuntu19.4.dsc
 ffbb8111bb947b7974ab8eff4d489b87112d0d0486a29a8c122eb13904819e13 74892 libvirt_0.8.3-1ubuntu19.4.debian.tar.gz
Files: 
 784b2904f061dd91989c9cbdb58c2a7a 2321 libs optional libvirt_0.8.3-1ubuntu19.4.dsc
 4f7b678e38e8f16e7793752be8011081 74892 libs optional libvirt_0.8.3-1ubuntu19.4.debian.tar.gz
Original-Maintainer: Debian Libvirt Maintainers <pkg-libvirt-maintainers at lists.alioth.debian.org>

From sbeattie at ubuntu.com  Wed Nov 16 17:05:54 2011
From: sbeattie at ubuntu.com (Steve Beattie)
Date: Wed, 16 Nov 2011 17:05:54 -0000
Subject: [ubuntu/maverick-security]
	man2html_1.6f+repack-1+squeeze1build0.10.10.1_powerpc_translations.tar.gz,
	man2html_1.6f+repack-1+squeeze1build0.10.10.1_i386_translations.tar.gz, 
	man2html_1.6f+repack-1+squeeze1build0.10.10.1_armel_translations.tar.gz,
	man2html,
	man2html_1.6f+repack-1+squeeze1build0.10.10.1_amd64_translations.tar.gz
	1.6f+repack-1+squeeze1build0.10.10.1 (Accepted)
Message-ID: <20111116170554.25668.7554.launchpad@cocoplum.canonical.com>

man2html (1.6f+repack-1+squeeze1build0.10.10.1) maverick-security; urgency=low

  * fake sync from Debian

man2html (1.6f+repack-1+squeeze1) stable-security; urgency=high

  * man2html.cgi.c: Validate user input and make some error messages less
    verbose to prevent XSS attacks (CVE-2011-2770).

Date: Wed, 16 Nov 2011 01:29:49 -0800
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Robert Luberda <robert at debian.org>
https://launchpad.net/ubuntu/maverick/+source/man2html/1.6f+repack-1+squeeze1build0.10.10.1
-------------- next part --------------
Format: 1.8
Date: Wed, 16 Nov 2011 01:29:49 -0800
Source: man2html
Binary: man2html
Architecture: source
Version: 1.6f+repack-1+squeeze1build0.10.10.1
Distribution: maverick-security
Urgency: high
Maintainer: Robert Luberda <robert at debian.org>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 man2html   - browse man pages in your web browser
Changes: 
 man2html (1.6f+repack-1+squeeze1build0.10.10.1) maverick-security; urgency=low
 .
   * fake sync from Debian
 .
 man2html (1.6f+repack-1+squeeze1) stable-security; urgency=high
 .
   * man2html.cgi.c: Validate user input and make some error messages less
     verbose to prevent XSS attacks (CVE-2011-2770).
Checksums-Sha1: 
 7cc077ebab6496b4d32f6837ba179898a76543d5 1754 man2html_1.6f+repack-1+squeeze1build0.10.10.1.dsc
 e4d8051d8145feb37e6373abed5e2f8b126a3bd0 61382 man2html_1.6f+repack-1+squeeze1build0.10.10.1.debian.tar.gz
Checksums-Sha256: 
 0efbe0361fb2788d5d5f82fb54ee8e40395c3298eaa9a0a4e7031e70f889ec24 1754 man2html_1.6f+repack-1+squeeze1build0.10.10.1.dsc
 14296d4a1c32da313acc54e3771d91cce161333cb79391b05bc440c63db123c1 61382 man2html_1.6f+repack-1+squeeze1build0.10.10.1.debian.tar.gz
Files: 
 7f903ffbe1685bbac15bf3b28deeb387 1754 doc optional man2html_1.6f+repack-1+squeeze1build0.10.10.1.dsc
 924597f9da5aeb412e5083bcc867636d 61382 doc optional man2html_1.6f+repack-1+squeeze1build0.10.10.1.debian.tar.gz

From marc.deslauriers at ubuntu.com  Wed Nov 16 23:04:07 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Wed, 16 Nov 2011 23:04:07 -0000
Subject: [ubuntu/maverick-security]
	bind9_9.7.1.dfsg.P2-2ubuntu0.5_armel_translations.tar.gz, bind9,
	bind9_9.7.1.dfsg.P2-2ubuntu0.5_i386_translations.tar.gz,
	bind9_9.7.1.dfsg.P2-2ubuntu0.5_amd64_translations.tar.gz,
	bind9_9.7.1.dfsg.P2-2ubuntu0.5_powerpc_translations.tar.gz
	1:9.7.1.dfsg.P2-2ubuntu0.5 (Accepted)
Message-ID: <20111116230407.1743.23509.launchpad@cocoplum.canonical.com>

bind9 (1:9.7.1.dfsg.P2-2ubuntu0.5) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service via specially crafted packet
    - debian/patches/CVE-2011-4313.patch: correctly handle cache lookups
      that return RRSIG data associated with nonexistent records in
      bin/named/query.c,lib/dns/rbtdb.c.
    - CVE-2011-4313

Date: Wed, 16 Nov 2011 14:27:21 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/bind9/1:9.7.1.dfsg.P2-2ubuntu0.5
-------------- next part --------------
Format: 1.8
Date: Wed, 16 Nov 2011 14:27:21 -0500
Source: bind9
Binary: bind9 bind9utils bind9-doc host bind9-host libbind-dev libbind9-60 libdns66 libisc60 liblwres60 libisccc60 libisccfg60 dnsutils lwresd
Architecture: source
Version: 1:9.7.1.dfsg.P2-2ubuntu0.5
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 bind9      - Internet Domain Name Server
 bind9-doc  - Documentation for BIND
 bind9-host - Version of 'host' bundled with BIND 9.X
 bind9utils - Utilities for BIND
 dnsutils   - Clients provided with BIND
 host       - Transitional package
 libbind-dev - Static Libraries and Headers used by BIND
 libbind9-60 - BIND9 Shared Library used by BIND
 libdns66   - DNS Shared Library used by BIND
 libisc60   - ISC Shared Library used by BIND
 libisccc60 - Command Channel Library used by BIND
 libisccfg60 - Config File Handling Library used by BIND
 liblwres60 - Lightweight Resolver Library used by BIND
 lwresd     - Lightweight Resolver Daemon
Changes: 
 bind9 (1:9.7.1.dfsg.P2-2ubuntu0.5) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via specially crafted packet
     - debian/patches/CVE-2011-4313.patch: correctly handle cache lookups
       that return RRSIG data associated with nonexistent records in
       bin/named/query.c,lib/dns/rbtdb.c.
     - CVE-2011-4313
Checksums-Sha1: 
 8806b931ada0bbd277129d39e5b00fc453d16def 2292 bind9_9.7.1.dfsg.P2-2ubuntu0.5.dsc
 267287245075672cc220be35f3c9343f7b1b2bdc 637317 bind9_9.7.1.dfsg.P2-2ubuntu0.5.debian.tar.gz
Checksums-Sha256: 
 6d6071f8ff1f264f8cd76dc98a8dd8d62add3e01e4c4769010c75604aa81f2ae 2292 bind9_9.7.1.dfsg.P2-2ubuntu0.5.dsc
 549d8a55a4785b6771afb8aa4f16df6a948f4787ed6ca481704b97853d38d855 637317 bind9_9.7.1.dfsg.P2-2ubuntu0.5.debian.tar.gz
Files: 
 8257c06ac286c19a81057a0a6b58d5dd 2292 net optional bind9_9.7.1.dfsg.P2-2ubuntu0.5.dsc
 e5dad576df402d06f2abf8e71e1b7cff 637317 net optional bind9_9.7.1.dfsg.P2-2ubuntu0.5.debian.tar.gz
Original-Maintainer: LaMont Jones <lamont at debian.org>

From jamie at ubuntu.com  Thu Nov 17 15:04:32 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Thu, 17 Nov 2011 15:04:32 -0000
Subject: [ubuntu/maverick-security]
	openldap_2.4.23-0ubuntu3.7_powerpc_translations.tar.gz, openldap,
	openldap_2.4.23-0ubuntu3.7_i386_translations.tar.gz,
	openldap_2.4.23-0ubuntu3.7_armel_translations.tar.gz,
	openldap_2.4.23-0ubuntu3.7_amd64_translations.tar.gz 2.4.23-0ubuntu3.7
	(Accepted)
Message-ID: <20111117150432.17615.15909.launchpad@cocoplum.canonical.com>

openldap (2.4.23-0ubuntu3.7) maverick-security; urgency=low

  * SECURITY UPDATE: potential denial of service (LP: #884163)
    - debian/patches/CVE-2011-4079: fix off by one error in
      postalAddressNormalize()
    - CVE-2011-4079

Date: Mon, 14 Nov 2011 13:30:50 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/openldap/2.4.23-0ubuntu3.7
-------------- next part --------------
Format: 1.8
Date: Mon, 14 Nov 2011 13:30:50 -0600
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.23-0ubuntu3.7
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Launchpad-Bugs-Fixed: 884163
Changes: 
 openldap (2.4.23-0ubuntu3.7) maverick-security; urgency=low
 .
   * SECURITY UPDATE: potential denial of service (LP: #884163)
     - debian/patches/CVE-2011-4079: fix off by one error in
       postalAddressNormalize()
     - CVE-2011-4079
Checksums-Sha1: 
 77f3683f89b1198154e1c1f6287a39a7e18fa34d 2628 openldap_2.4.23-0ubuntu3.7.dsc
 06ad2b3d86907958128b2b15de19d2a9f78f8494 159918 openldap_2.4.23-0ubuntu3.7.diff.gz
Checksums-Sha256: 
 ea1137f7777f80ab1e02163a9c38aab595976e133f51e0851de765cd8b36ca60 2628 openldap_2.4.23-0ubuntu3.7.dsc
 1995d7bd0bbf47f9be640e29e504448966d6fc5f69465225801b43f4864ea657 159918 openldap_2.4.23-0ubuntu3.7.diff.gz
Files: 
 10e10920f18c8ca93411a916f69bfb0e 2628 net optional openldap_2.4.23-0ubuntu3.7.dsc
 ebb98c493d0e0bbf222cdee684a33a4e 159918 net optional openldap_2.4.23-0ubuntu3.7.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>

From tyhicks at canonical.com  Fri Nov 18 04:03:43 2011
From: tyhicks at canonical.com (Tyler Hicks)
Date: Fri, 18 Nov 2011 04:03:43 -0000
Subject: [ubuntu/maverick-security] freetype 2.4.2-2ubuntu0.3 (Accepted)
Message-ID: <20111118040343.29609.12803.launchpad@cocoplum.canonical.com>

freetype (2.4.2-2ubuntu0.3) maverick-security; urgency=low

  * SECURITY UPDATE: Arbitrary code execution via crafted Type 1 font
    - debian/patches-freetype/CVE-2011-3256.patch: Sanitize Type 1 font inputs
      in src/base/ftbitmap.c, src/psaux/t1decode.c, src/raster/ftrend1.c, and
      src/truetype/ttgxvar.c. Based on upstream patch.
    - CVE-2011-3256
  * SECURITY UPDATE: Arbitrary code execution via crafted CID-keyed PS font
    - debian/patches-freetype/CVE-2011-3439.patch: Sanitize CID-keyed
      PostScript font inputs in src/cid/cidload.c. Based on upstream patch.
    - CVE-2011-3439

Date: Thu, 17 Nov 2011 13:59:14 -0600
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/freetype/2.4.2-2ubuntu0.3
-------------- next part --------------
Format: 1.8
Date: Thu, 17 Nov 2011 13:59:14 -0600
Source: freetype
Binary: libfreetype6 libfreetype6-dev freetype2-demos libfreetype6-udeb
Architecture: source
Version: 2.4.2-2ubuntu0.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 freetype2-demos - FreeType 2 demonstration programs
 libfreetype6 - FreeType 2 font engine, shared library files
 libfreetype6-dev - FreeType 2 font engine, development files
 libfreetype6-udeb - FreeType 2 font engine for the debian-installer (udeb)
Changes: 
 freetype (2.4.2-2ubuntu0.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution via crafted Type 1 font
     - debian/patches-freetype/CVE-2011-3256.patch: Sanitize Type 1 font inputs
       in src/base/ftbitmap.c, src/psaux/t1decode.c, src/raster/ftrend1.c, and
       src/truetype/ttgxvar.c. Based on upstream patch.
     - CVE-2011-3256
   * SECURITY UPDATE: Arbitrary code execution via crafted CID-keyed PS font
     - debian/patches-freetype/CVE-2011-3439.patch: Sanitize CID-keyed
       PostScript font inputs in src/cid/cidload.c. Based on upstream patch.
     - CVE-2011-3439
Checksums-Sha1: 
 a77c8649b53369df78aa84021ee2b38324491a89 1946 freetype_2.4.2-2ubuntu0.3.dsc
 6d028ced61786d58dc9e88a3c56b6e4063d4fcf2 39350 freetype_2.4.2-2ubuntu0.3.diff.gz
Checksums-Sha256: 
 d4a59b8e3563808c45e3eeef94c457c9ba26147e40104fc2d0d204bed464d4d6 1946 freetype_2.4.2-2ubuntu0.3.dsc
 3ff1cf05348aa9a3812cd9b97c65d5966f740725e5cf06e569b71b8a3fd0de47 39350 freetype_2.4.2-2ubuntu0.3.diff.gz
Files: 
 79ecab4374a638f7a119cd3c5ff3cd91 1946 libs optional freetype_2.4.2-2ubuntu0.3.dsc
 996f4c395d3244c81fee4af0999f92b7 39350 libs optional freetype_2.4.2-2ubuntu0.3.diff.gz
Original-Maintainer: Steve Langasek <vorlon at debian.org>

From marc.deslauriers at ubuntu.com  Mon Nov 21 18:04:05 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 21 Nov 2011 18:04:05 -0000
Subject: [ubuntu/maverick-security]
	software-center_3.0.10ubuntu0.1_i386_translations.tar.gz,
	software-center 3.0.10ubuntu0.1 (Accepted)
Message-ID: <20111121180405.5167.79986.launchpad@cocoplum.canonical.com>

software-center (3.0.10ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #874242)
    - softwarecenter/view/purchasedialog.py: Set the ssl-ca-file libsoup
      property so ssl cert validation works.
    - CVE-2011-3150

Date: Fri, 18 Nov 2011 08:39:09 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <mvo at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/software-center/3.0.10ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Nov 2011 08:39:09 -0500
Source: software-center
Binary: software-center
Architecture: source
Version: 3.0.10ubuntu0.1
Distribution: maverick-security
Urgency: low
Maintainer: Michael Vogt <mvo at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 software-center - Utility for browsing, installing, and removing applications
Launchpad-Bugs-Fixed: 874242
Changes: 
 software-center (3.0.10ubuntu0.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: MITM via incorrect ssl cert validation (LP: #874242)
     - softwarecenter/view/purchasedialog.py: Set the ssl-ca-file libsoup
       property so ssl cert validation works.
     - CVE-2011-3150
Checksums-Sha1: 
 c1e8b70d320bcdd37a68c702e017a6c352054373 1701 software-center_3.0.10ubuntu0.1.dsc
 98a84f5a35cc613d4540432fb2171c20e26f134e 637170 software-center_3.0.10ubuntu0.1.tar.gz
Checksums-Sha256: 
 03795087fa47f4dbb054dba5d6ee6d16d8bc9d338e883343c5ce6bb57135020f 1701 software-center_3.0.10ubuntu0.1.dsc
 a24af71c438b0e19d7ae34851e82366b0c783d6483f1a814169e2fe2bac22f81 637170 software-center_3.0.10ubuntu0.1.tar.gz
Files: 
 fe28eb0108d49fdbf2a1b6f074b19695 1701 gnome optional software-center_3.0.10ubuntu0.1.dsc
 db77517a9437abf9d078b80b08f39d2b 637170 gnome optional software-center_3.0.10ubuntu0.1.tar.gz

From marc.deslauriers at ubuntu.com  Mon Nov 21 20:05:06 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 21 Nov 2011 20:05:06 -0000
Subject: [ubuntu/maverick-security]
	pidgin_2.7.3-1ubuntu3.3_powerpc_translations.tar.gz,
	pidgin_2.7.3-1ubuntu3.3_armel_translations.tar.gz, pidgin,
	pidgin_2.7.3-1ubuntu3.3_amd64_translations.tar.gz,
	pidgin_2.7.3-1ubuntu3.3_i386_translations.tar.gz 1:2.7.3-1ubuntu3.3
	(Accepted)
Message-ID: <20111121200506.15679.31584.launchpad@cocoplum.canonical.com>

pidgin (1:2.7.3-1ubuntu3.3) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
    YMSG message
    - debian/patches/64_CVE-2011-1091.patch: validate messages in
      libpurple/protocols/yahoo/libymsg.c.
    - CVE-2011-1091
  * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
    response size
    - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
      libpurple/protocols/msn/httpconn.c.
    - CVE-2011-3184
  * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
    sequence
    - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
      libpurple/protocols/silc/ops.c.
    - CVE-2011-3594

Date: Fri, 18 Nov 2011 14:40:50 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/pidgin/1:2.7.3-1ubuntu3.3
-------------- next part --------------
Format: 1.8
Date: Fri, 18 Nov 2011 14:40:50 -0500
Source: pidgin
Binary: libpurple0 pidgin pidgin-data pidgin-dev pidgin-dbg finch finch-dev libpurple-dev libpurple-bin
Architecture: source
Version: 1:2.7.3-1ubuntu3.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 finch      - text-based multi-protocol instant messaging client
 finch-dev  - text-based multi-protocol instant messaging client - development
 libpurple-bin - multi-protocol instant messaging library - extra utilities
 libpurple-dev - multi-protocol instant messaging library - development files
 libpurple0 - multi-protocol instant messaging library
 pidgin     - multi-protocol instant messaging client
 pidgin-data - multi-protocol instant messaging client - data files
 pidgin-dbg - Debugging symbols for Pidgin
 pidgin-dev - multi-protocol instant messaging client - development files
Changes: 
 pidgin (1:2.7.3-1ubuntu3.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: denial of service in Yahoo! protocol via malormed
     YMSG message
     - debian/patches/64_CVE-2011-1091.patch: validate messages in
       libpurple/protocols/yahoo/libymsg.c.
     - CVE-2011-1091
   * SECURITY UPDATE: denial of service in MSN protocol via HTTP 100
     response size
     - debian/patches/65_CVE-2011-3184.patch: properly calculate size in
       libpurple/protocols/msn/httpconn.c.
     - CVE-2011-3184
   * SECURITY UPDATE: denial of service in SILC protocol via invalid UTF-8
     sequence
     - debian/patches/66_CVE-2011-3594.patch: properly handle utf-8 in
       libpurple/protocols/silc/ops.c.
     - CVE-2011-3594
Checksums-Sha1: 
 30cc1fd16ed99ca605f5df441c26a2011baec2c3 2687 pidgin_2.7.3-1ubuntu3.3.dsc
 eeca1cde094d78b219f0e3fbd7f23f478104d3ef 74983 pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Checksums-Sha256: 
 1845bd466cdf93e15c72d642ca3e5961c175922dd3c07e221adf0996253889ab 2687 pidgin_2.7.3-1ubuntu3.3.dsc
 62cb2877aacf8a3d8d2c3a590517c22438124362a96b1fed8e088bb0854072e3 74983 pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Files: 
 341304624fb9522da5af29be3f11b7c8 2687 net optional pidgin_2.7.3-1ubuntu3.3.dsc
 8c755c3dbd53060a86a20452fa24acfc 74983 net optional pidgin_2.7.3-1ubuntu3.3.debian.tar.gz
Original-Maintainer: Ari Pollak <ari at debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:07:39 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:07:39 -0000
Subject: [ubuntu/maverick-security] kdeutils,
	kdeutils_4.5.5-0ubuntu2.2_i386_translations.tar.gz 4:4.5.5-0ubuntu2.2
	(Accepted)
Message-ID: <20111121230739.15759.58747.launchpad@cocoplum.canonical.com>

kdeutils (4:4.5.5-0ubuntu2.2) maverick-security; urgency=low

  * SECURITY UPDATE: fix directory traversal in Ark
    - debian/patches/CVE-2011-2725.patch: filter out '../' when previewing
      archives
    - CVE-2011-2725
    - LP: #878619

Date: Tue, 08 Nov 2011 16:25:32 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/kdeutils/4:4.5.5-0ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:25:32 -0600
Source: kdeutils
Binary: kdeutils kdeutils-dbg ark kcalc kcharselect kremotecontrol kdelirc kdf kfloppy kgpg ktimer kwalletmanager okteta plasma-scriptengine-superkaramba sweeper printer-applet
Architecture: source
Version: 4:4.5.5-0ubuntu2.2
Distribution: maverick-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 ark        - archive utility for KDE 4
 kcalc      - calculator for KDE 4
 kcharselect - special character utility for KDE 4
 kdelirc    - infrared remote control - transitional package
 kdeutils   - general-purpose utilities from the official KDE 4 release
 kdeutils-dbg - debugging symbols for the KDE 4 utilities module
 kdf        - disk information utility for KDE 4
 kfloppy    - floppy formatter for KDE 4
 kgpg       - encryption utility for KDE 4
 kremotecontrol - infrared remote control
 ktimer     - countdown timer for KDE 4
 kwalletmanager - secure password wallet manager for KDE 4
 okteta     - hexadecimal editor for binary files for KDE 4
 plasma-scriptengine-superkaramba - SuperKaramba theme support for the KDE 4 Plasma desktop
 printer-applet - printer status applet
 sweeper    - history and temporary file cleaner for KDE 4
Launchpad-Bugs-Fixed: 878619
Changes: 
 kdeutils (4:4.5.5-0ubuntu2.2) maverick-security; urgency=low
 .
   * SECURITY UPDATE: fix directory traversal in Ark
     - debian/patches/CVE-2011-2725.patch: filter out '../' when previewing
       archives
     - CVE-2011-2725
     - LP: #878619
Checksums-Sha1: 
 e5893ed0733713285b22eda7a4c659523ae338c3 2665 kdeutils_4.5.5-0ubuntu2.2.dsc
 73fdefc3657d3e00a52aa67ac3e7923f3008b387 37995 kdeutils_4.5.5-0ubuntu2.2.debian.tar.gz
Checksums-Sha256: 
 2af06ea3fa0e85bc8754e521dddeaca719ee278ddd27e2fe148138ebd4e93a0b 2665 kdeutils_4.5.5-0ubuntu2.2.dsc
 fba9747a9d4fa2c71d5b80700f338fe0d19a8c9b1984afae3795e15eeef8108e 37995 kdeutils_4.5.5-0ubuntu2.2.debian.tar.gz
Files: 
 e704b06dcaf8d3b0cc89f507d0ad318d 2665 kde optional kdeutils_4.5.5-0ubuntu2.2.dsc
 f7d27dd18a1bc69c674da44d9e5a708f 37995 kde optional kdeutils_4.5.5-0ubuntu2.2.debian.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:08:00 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:08:00 -0000
Subject: [ubuntu/maverick-security] meta-kde 5:63ubuntu7.2 (Accepted)
Message-ID: <20111121230800.15759.14710.launchpad@cocoplum.canonical.com>

meta-kde (5:63ubuntu7.2) maverick-security; urgency=low

  * No change rebuild for security. This is needed to build kdeutils in
    the security pocket.

Date: Thu, 10 Nov 2011 16:04:41 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/meta-kde/5:63ubuntu7.2
-------------- next part --------------
Format: 1.8
Date: Thu, 10 Nov 2011 16:04:41 -0600
Source: meta-kde
Binary: kde-plasma-desktop kde-plasma-netbook kde-standard kde-full kde-sc-dev-latest
Architecture: source
Version: 5:63ubuntu7.2
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 kde-full   - the complete KDE Software Compilation for end users
 kde-plasma-desktop - the KDE Plasma Desktop and minimal set of applications
 kde-plasma-netbook - the KDE Plasma Netbook and minimal set of applications
 kde-sc-dev-latest - ensure that the latest KDE Development Platform is installed
 kde-standard - the KDE Plasma Desktop and standard set of applications
Changes: 
 meta-kde (5:63ubuntu7.2) maverick-security; urgency=low
 .
   * No change rebuild for security. This is needed to build kdeutils in
     the security pocket.
Checksums-Sha1: 
 8aaca3838bd59e3b32e899ffc882240ed5de4dcb 1855 meta-kde_63ubuntu7.2.dsc
 adf237b601e376f30a26e965d45790bee909d15a 11027 meta-kde_63ubuntu7.2.tar.gz
Checksums-Sha256: 
 89ca4a6e103c5b27b5aaaa0350a87246f67551684dddc13cbaaf7823f7269da5 1855 meta-kde_63ubuntu7.2.dsc
 e741ba1569b6a0de829e4834b57323dbfb4403f08d9406da1709b03e5e3764cc 11027 meta-kde_63ubuntu7.2.tar.gz
Files: 
 c432ef579444bb44cd529c9159954a7d 1855 kde optional meta-kde_63ubuntu7.2.dsc
 edec2911103087863e5dc0d5f6053fea 11027 kde optional meta-kde_63ubuntu7.2.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:08:09 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:08:09 -0000
Subject: [ubuntu/maverick-security] kdepimlibs,
	kdepimlibs_4.5.5-0ubuntu2.1_i386_translations.tar.gz
	4:4.5.5-0ubuntu2.1 (Accepted)
Message-ID: <20111121230809.15759.55999.launchpad@cocoplum.canonical.com>

kdepimlibs (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low

  * No change rebuild for security. This is needed to build kdeutils in
    the security pocket.

Date: Tue, 08 Nov 2011 16:49:03 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/kdepimlibs/4:4.5.5-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:49:03 -0600
Source: kdepimlibs
Binary: kdepimlibs5 kdepimlibs5-dev kdepimlibs-kio-plugins libakonadi-contact4 libakonadi-kabc4 libakonadi-kcal4 libakonadi-kde4 libakonadi-kmime4 libgpgme++2 libkabc4 libkblog4 libkcal4 libkholidays4 libkimap4 libkldap4 libkmime4 libkontactinterface4 libkpimidentities4 libkpimtextedit4 libkpimutils4 libkresources4 libktnef4 libkxmlrpcclient4 libmailtransport4 libmicroblog4 libqgpgme1 libsyndication4 kdepimlibs-dbg
Architecture: source
Version: 4:4.5.5-0ubuntu2.1
Distribution: maverick-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 kdepimlibs-dbg - debugging symbols for the KDE Development Platform PIM libraries
 kdepimlibs-kio-plugins - kio slaves used by KDE PIM applications
 kdepimlibs5 - the KDE Development Platform PIM libraries (transitional package)
 kdepimlibs5-dev - development files for the KDE Development Platform PIM libraries
 libakonadi-contact4 - library for using the Akonadi PIM data server
 libakonadi-kabc4 - library for using the Akonadi PIM data server
 libakonadi-kcal4 - library for using the Akonadi PIM data server
 libakonadi-kde4 - library for using the Akonadi PIM data server
 libakonadi-kmime4 - library for using the Akonadi PIM data server
 libgpgme++2 - c++ wrapper library for gpgme
 libkabc4   - library for handling address book data
 libkblog4  - client-side support library for web application remote blogging A
 libkcal4   - library for handling calendar data
 libkholidays4 - holidays calculation library
 libkimap4  - library for handling IMAP data
 libkldap4  - library for accessing LDAP
 libkmime4  - library for handling MIME data
 libkontactinterface4 - Kontact interface library
 libkpimidentities4 - library for managing user identities
 libkpimtextedit4 - library that provides a textedit with PIM-specific features
 libkpimutils4 - library for dealing with email addresses
 libkresources4 - the KDE Resource framework library
 libktnef4  - library for handling TNEF data
 libkxmlrpcclient4 - simple XML-RPC client library
 libmailtransport4 - mail transport service library
 libmicroblog4 - library for using the Microblog Akonadi Resource
 libqgpgme1 - library for GpgME++ integration with Qt
 libsyndication4 - parser library for RSS and Atom feeds
Changes: 
 kdepimlibs (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low
 .
   * No change rebuild for security. This is needed to build kdeutils in
     the security pocket.
Checksums-Sha1: 
 b45b9030259dddb4694aba52969d48f023927ed7 2917 kdepimlibs_4.5.5-0ubuntu2.1.dsc
 57da39e11559dbe270b2aaec3be69f70469b1228 122886 kdepimlibs_4.5.5-0ubuntu2.1.debian.tar.gz
Checksums-Sha256: 
 8dc0155e7ab60465d5f968407fa3b52313265826abf89cbc66447c096d372d25 2917 kdepimlibs_4.5.5-0ubuntu2.1.dsc
 5cb2abff59c5f21dc053043fcb58b1eb34780f7cb527ea1e4fec43b4af0c54df 122886 kdepimlibs_4.5.5-0ubuntu2.1.debian.tar.gz
Files: 
 913378f21949c926949aaa38dc80c145 2917 libs optional kdepimlibs_4.5.5-0ubuntu2.1.dsc
 f219e5b4e3ab39a9007f866ad377d223 122886 libs optional kdepimlibs_4.5.5-0ubuntu2.1.debian.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:08:40 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:08:40 -0000
Subject: [ubuntu/maverick-security]
	kdegraphics_4.5.5-0ubuntu2.1_i386_translations.tar.gz,
	kdegraphics 4:4.5.5-0ubuntu2.1 (Accepted)
Message-ID: <20111121230840.15759.10345.launchpad@cocoplum.canonical.com>

kdegraphics (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low

  * No change rebuild for security. This is needed to build kdeutils in
    the security pocket.

Date: Tue, 08 Nov 2011 16:46:22 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/kdegraphics/4:4.5.5-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:46:22 -0600
Source: kdegraphics
Binary: kdegraphics kdegraphics-libs-data kdegraphics-strigi-plugins gwenview kamera kcolorchooser kgamma kolourpaint4 kruler libksane0 libksane-dev ksnapshot libokularcore1 okular okular-dev okular-extra-backends libkdcraw8 libkdcraw-dev libkexiv2-8 libkexiv2-dev libkipi7 libkipi-dev kdegraphics-dbg
Architecture: source
Version: 4:4.5.5-0ubuntu2.1
Distribution: maverick-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 gwenview   - image viewer for KDE 4
 kamera     - digital camera support for KDE 4 applications
 kcolorchooser - color chooser and palette editor for KDE 4
 kdegraphics - graphics applications from the official KDE 4 release
 kdegraphics-dbg - debugging symbols for the KDE 4 graphics module
 kdegraphics-libs-data - data files for libraries from the kdegraphics module
 kdegraphics-strigi-plugins - graphics file format plugins for Strigi Desktop Search
 kgamma     - monitor calibration panel for KDE 4
 kolourpaint4 - simple image editor for KDE 4
 kruler     - screen ruler for KDE 4
 ksnapshot  - screen capture tool for KDE 4
 libkdcraw-dev - RAW picture decoding C++ library (development)
 libkdcraw8 - RAW picture decoding C++ library (runtime)
 libkexiv2-8 - Qt like interface for the libexiv2 library (runtime)
 libkexiv2-dev - Qt-like interface for the libexiv2 library (development)
 libkipi-dev - library for apps that want to use kipi-plugins (development versi
 libkipi7   - library for apps that want to use kipi-plugins (runtime version)
 libksane-dev - scanner library for KDE 4 (development)
 libksane0  - scanner library for KDE 4 (runtime)
 libokularcore1 - libraries for the Okular document viewer
 okular     - document viewer for KDE 4
 okular-dev - development files for the Okular libraries
 okular-extra-backends - additional document format support for Okular
Changes: 
 kdegraphics (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low
 .
   * No change rebuild for security. This is needed to build kdeutils in
     the security pocket.
Checksums-Sha1: 
 61f415929e6474ef39aa56bd9c82f10297e54c85 2919 kdegraphics_4.5.5-0ubuntu2.1.dsc
 8719ba0f55426125620f2c999f5d2cd5fed501fc 48897 kdegraphics_4.5.5-0ubuntu2.1.debian.tar.gz
Checksums-Sha256: 
 9b7011358904af107f0f6927c9f72970d13fedb4c90797c344693680a26cb1bb 2919 kdegraphics_4.5.5-0ubuntu2.1.dsc
 0af1270b11e8f6d18bb561b7a61a4457b6828c2a5cf991ca613706aa8e8a5f4d 48897 kdegraphics_4.5.5-0ubuntu2.1.debian.tar.gz
Files: 
 399f6d747c242eba397d8aa341a10848 2919 kde optional kdegraphics_4.5.5-0ubuntu2.1.dsc
 3124741f8eacc29f997df3e87a8ca968 48897 kde optional kdegraphics_4.5.5-0ubuntu2.1.debian.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:09:15 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:09:15 -0000
Subject: [ubuntu/maverick-security]
	kdeedu_4.5.5-0ubuntu2.1_i386_translations.tar.gz,
	kdeedu 4:4.5.5-0ubuntu2.1 (Accepted)
Message-ID: <20111121230915.15759.62972.launchpad@cocoplum.canonical.com>

kdeedu (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low

  * No change rebuild for security. This is needed to build kdeutils in
    the security pocket.

Date: Tue, 08 Nov 2011 16:51:42 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/kdeedu/4:4.5.5-0ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:51:42 -0600
Source: kdeedu
Binary: kdeedu blinken cantor cantor-backend-kalgebra cantor-backend-maxima cantor-backend-sage kalgebra kalzium kalzium-data kanagram kbruch kgeography kgeography-data khangman kig kiten klettres klettres-data kmplot kstars kstars-data ktouch kturtle kwordquiz libkdeedu4 libkdeedu-dev libkiten4 libkiten-dev librocslib4 librocslib-dev marble marble-data marble-plugins libmarblewidget10 libmarble-dev python-marble parley parley-data rocs step kdeedu-kvtml-data kdeedu-dbg
Architecture: source
Version: 4:4.5.5-0ubuntu2.1
Distribution: maverick-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 blinken    - KDE version of the Simon electronic memory game
 cantor     - interface for mathematical applications
 cantor-backend-kalgebra - KAlgebra backend for Cantor
 cantor-backend-maxima - Maxima backend for Cantor
 cantor-backend-sage - Sage backend for Cantor
 kalgebra   - algebraic graphing calculator for KDE
 kalzium    - periodic table and chemistry tools for KDE
 kalzium-data - data files for Kalzium
 kanagram   - jumble word puzzle for KDE
 kbruch     - fraction learning aid for KDE
 kdeedu     - educational applications from the official KDE release
 kdeedu-dbg - debugging symbols for the KDE education module
 kdeedu-kvtml-data - kvtml files for kdeedu programs
 kgeography - geography learning aid for KDE
 kgeography-data - data files for KGeography
 khangman   - Hangman word puzzle for KDE
 kig        - interactive geometry tool for KDE
 kiten      - Japanese reference and study aid for KDE
 klettres   - foreign alphabet tutor for KDE
 klettres-data - data files for KLettres foreign alphabet tutor
 kmplot     - mathematical function plotter for KDE
 kstars     - desktop planetarium for KDE
 kstars-data - data files for KStars desktop planetarium
 ktouch     - touch typing tutor for KDE
 kturtle    - Logo educational programming environment for KDE
 kwordquiz  - flashcard learning program for KDE
 libkdeedu-dev - development files for the KDE educational libraries
 libkdeedu4 - libraries for KDE educational applications
 libkiten-dev - development files for the Kiten Japanese reference libraries
 libkiten4  - libraries for the Kiten Japanese reference and study aid
 libmarble-dev - development files for the Marble globe widget library
 libmarblewidget10 - Marble globe widget library
 librocslib-dev - development files for the Rocs graphing library
 librocslib4 - Rocs graphing library
 marble     - globe and map widget
 marble-data - data files for Marble
 marble-plugins - plugins for Marble
 parley     - vocabulary trainer for KDE
 parley-data - data files for the Parley vocabulary trainer
 python-marble - Python bindings for Marble
 rocs       - graph theory IDE
 step       - interactive physical simulator for KDE
Changes: 
 kdeedu (4:4.5.5-0ubuntu2.1) maverick-security; urgency=low
 .
   * No change rebuild for security. This is needed to build kdeutils in
     the security pocket.
Checksums-Sha1: 
 dcdd845a26fd61ed72c3c0119919d27690c553b6 3420 kdeedu_4.5.5-0ubuntu2.1.dsc
 8dc3b89949fae9e3a068fae610e2edbe35d22949 68771 kdeedu_4.5.5-0ubuntu2.1.debian.tar.gz
Checksums-Sha256: 
 a6b666cc25753969befd285d46feb04b202bf7f9bf9b2a943c52004dd15855d3 3420 kdeedu_4.5.5-0ubuntu2.1.dsc
 d62d7ea52953db492316d8f8f55a0cd63e8839f047619562b16136da575cffa7 68771 kdeedu_4.5.5-0ubuntu2.1.debian.tar.gz
Files: 
 9d8872dc7b6f187dc1fa002ef038069a 3420 kde optional kdeedu_4.5.5-0ubuntu2.1.dsc
 88baa63ccb457db122e709a3186d62ad 68771 kde optional kdeedu_4.5.5-0ubuntu2.1.debian.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From jamie at ubuntu.com  Mon Nov 21 23:10:31 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Mon, 21 Nov 2011 23:10:31 -0000
Subject: [ubuntu/maverick-security] kdebase-workspace,
	kdebase-workspace_4.5.5-0ubuntu2.2_armel_translations.tar.gz,
	kdebase-workspace_4.5.5-0ubuntu2.2_powerpc_translations.tar.gz,
	kdebase-workspace_4.5.5-0ubuntu2.2_amd64_translations.tar.gz,
	kdebase-workspace_4.5.5-0ubuntu2.2_i386_translations.tar.gz
	4:4.5.5-0ubuntu2.2 (Accepted)
Message-ID: <20111121231031.15759.39450.launchpad@cocoplum.canonical.com>

kdebase-workspace (4:4.5.5-0ubuntu2.2) maverick-security; urgency=low

  * No change rebuild for security. This is needed to build kdeutils in
    the security pocket.
  * debian/control: relax build-dependency on kde-sc-dev-latest so this
    is actually buildable in the security PPA

Date: Tue, 08 Nov 2011 16:43:25 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/kdebase-workspace/4:4.5.5-0ubuntu2.2
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Nov 2011 16:43:25 -0600
Source: kdebase-workspace
Binary: kdebase-workspace plasma-desktop plasma-netbook kdebase-workspace-bin kdebase-workspace-data kdebase-workspace-wallpapers kdebase-workspace-dev kinfocenter plasma-dataengines-workspace plasma-widgets-workspace plasma-scriptengines plasma-scriptengine-qedje plasma-scriptengine-ruby plasma-scriptengine-python plasma-scriptengine-webkit kdm klipper ksysguardd ksysguard kde-window-manager libkdecorations4 libkwineffects1a systemsettings kdebase-workspace-kgreet-plugins libkephal4 libkscreensaver5 libksgrd4 libksignalplotter4 libkworkspace4 liblsofui4 libplasmaclock4b libplasma-geolocation-interface4 libplasmagenericshell4 libprocesscore4a libprocessui4a libsolidcontrol4a libsolidcontrolifaces4 libtaskmanager4a libweather-ion5 kdebase-workspace-dbg
Architecture: source
Version: 4:4.5.5-0ubuntu2.2
Distribution: maverick-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 kde-window-manager - the KDE 4 window manager (KWin)
 kdebase-workspace - base workspace components from the official KDE 4 release
 kdebase-workspace-bin - core binaries for the KDE 4 base workspace module
 kdebase-workspace-data - shared data files for the KDE 4 base workspace module
 kdebase-workspace-dbg - debugging symbols for the KDE 4 base workspace module
 kdebase-workspace-dev - development files for the KDE 4 base workspace module
 kdebase-workspace-kgreet-plugins - KDE greet libraries for authentication
 kdebase-workspace-wallpapers - set of extra wallpapers from the KDE 4 base module
 kdm        - KDE Display Manager for X11
 kinfocenter - system information viewer for KDE
 klipper    - clipboard utility for KDE 4
 ksysguard  - System Guard for KDE 4
 ksysguardd - System Guard Daemon for KDE 4
 libkdecorations4 - library used by decorations for the KDE 4 window manager
 libkephal4 - API for easier handling of multihead systems
 libkscreensaver5 - library of the KDE Screensaver system
 libksgrd4  - library for the ksysguard GUI
 libksignalplotter4 - the KSignalPlotter widget
 libkwineffects1a - library used by effects for the KDE 4 window manager
 libkworkspace4 - library for the kdebase workspace
 liblsofui4 - library for ksysguard based priority scheduling
 libplasma-geolocation-interface4 - library for the Plasma geolocation
 libplasmaclock4b - library for Plasma clocks
 libplasmagenericshell4 - shared elements for all the plasma shells
 libprocesscore4a - library for ksysguard based process view
 libprocessui4a - library for ksysguard process user interface
 libsolidcontrol4a - library for Solid based network management
 libsolidcontrolifaces4 - library for Solid based network interface management
 libtaskmanager4a - library which provides task management facilities
 libweather-ion5 - library which provides an interface for weather information servi
 plasma-dataengines-workspace - KDE 4 base workspace Plasma data engines
 plasma-desktop - The KDE Plasma workspace for desktop and laptop computers
 plasma-netbook - The KDE Plasma workspace for netbook computers
 plasma-scriptengine-python - Python script engine for Plasma
 plasma-scriptengine-qedje - QEdje script engine for Plasma
 plasma-scriptengine-ruby - Ruby script engine for Plasma
 plasma-scriptengine-webkit - Web and Mac OS X dashboard widget support for Plasma
 plasma-scriptengines - a metapackage to install all Plasma script engines
 plasma-widgets-workspace - KDE 4 base workspace Plasma widgets and containments
 systemsettings - KDE 4 System Settings
Changes: 
 kdebase-workspace (4:4.5.5-0ubuntu2.2) maverick-security; urgency=low
 .
   * No change rebuild for security. This is needed to build kdeutils in
     the security pocket.
   * debian/control: relax build-dependency on kde-sc-dev-latest so this
     is actually buildable in the security PPA
Checksums-Sha1: 
 c7e7e389bcda221c26c220e7aab51d9b215ac4d7 4362 kdebase-workspace_4.5.5-0ubuntu2.2.dsc
 f21d95684354ea9d660e4d09714b028fcaf46d0c 234219 kdebase-workspace_4.5.5-0ubuntu2.2.debian.tar.gz
Checksums-Sha256: 
 50281599459775cc96664aebe07519f6ca7a9993ee43b368186e87b422be4bd4 4362 kdebase-workspace_4.5.5-0ubuntu2.2.dsc
 52026f06cec10642905d888869f88c580da1b99adbdbbcf007982117dee57b14 234219 kdebase-workspace_4.5.5-0ubuntu2.2.debian.tar.gz
Files: 
 a5bb37222b2d134b67cf9a5749e634f2 4362 kde optional kdebase-workspace_4.5.5-0ubuntu2.2.dsc
 c73d573319548a9f7224140220ea6a55 234219 kde optional kdebase-workspace_4.5.5-0ubuntu2.2.debian.tar.gz
Original-Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org>

From steve.langasek at ubuntu.com  Tue Nov 22 11:54:55 2011
From: steve.langasek at ubuntu.com (Steve Langasek)
Date: Tue, 22 Nov 2011 11:54:55 -0000
Subject: [ubuntu/maverick-proposed] procps 1:3.2.8-9ubuntu3.1 (Accepted)
Message-ID: <20111122115455.32354.39710.launchpad@gac.canonical.com>

procps (1:3.2.8-9ubuntu3.1) maverick-proposed; urgency=low

  [ James Hunt ]
  * Make procps job run twice: as early as possible (for kernel
    parameters such as kernel.printk) and then after all network
    interfaces are up (to account for any kernel parameters relating
    to recently loaded networking modules) (LP: #771372).

Date: Thu, 17 Nov 2011 13:07:06 -0800
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/procps/1:3.2.8-9ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Thu, 17 Nov 2011 13:07:06 -0800
Source: procps
Binary: procps libproc-dev
Architecture: source
Version: 1:3.2.8-9ubuntu3.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Description: 
 libproc-dev - library for accessing process information from /proc
 procps     - /proc file system utilities
Launchpad-Bugs-Fixed: 771372
Changes: 
 procps (1:3.2.8-9ubuntu3.1) maverick-proposed; urgency=low
 .
   [ James Hunt ]
   * Make procps job run twice: as early as possible (for kernel
     parameters such as kernel.printk) and then after all network
     interfaces are up (to account for any kernel parameters relating
     to recently loaded networking modules) (LP: #771372).
Checksums-Sha1: 
 7da878cbb5bda0c6d2a0bfb9c32c8ed313d379b3 2004 procps_3.2.8-9ubuntu3.1.dsc
 a73b9eeb70681e1fba672c2446543242d5a0ead6 93843 procps_3.2.8-9ubuntu3.1.debian.tar.gz
Checksums-Sha256: 
 a79e27fa12fe957c665b93689e1d2d92994863f3318b7d670041451b704b1528 2004 procps_3.2.8-9ubuntu3.1.dsc
 4fb190fe15933ab7e7be72993c21ff3606aefe4e6b99e92f642eacc10097b5e4 93843 procps_3.2.8-9ubuntu3.1.debian.tar.gz
Files: 
 906f1225de931b67f5970a5a9ea199a6 2004 admin important procps_3.2.8-9ubuntu3.1.dsc
 4d442676389f6b5a2918068ee8ca6cb4 93843 admin important procps_3.2.8-9ubuntu3.1.debian.tar.gz
Original-Maintainer: Craig Small <csmall at debian.org>

From jamie at ubuntu.com  Wed Nov 23 15:03:28 2011
From: jamie at ubuntu.com (Jamie Strandboge)
Date: Wed, 23 Nov 2011 15:03:28 -0000
Subject: [ubuntu/maverick-security]
	wireshark_1.2.11-6+squeeze5build0.10.10.1_amd64_translations.tar.gz,
	wireshark_1.2.11-6+squeeze5build0.10.10.1_i386_translations.tar.gz,
	wireshark_1.2.11-6+squeeze5build0.10.10.1_powerpc_translations.tar.gz, 
	wireshark_1.2.11-6+squeeze5build0.10.10.1_armel_translations.tar.gz,
	wireshark 1.2.11-6+squeeze5build0.10.10.1 (Accepted)
Message-ID: <20111123150328.17289.45274.launchpad@cocoplum.canonical.com>

wireshark (1.2.11-6+squeeze5build0.10.10.1) maverick-security; urgency=low

  * fake sync from Debian

wireshark (1.2.11-6+squeeze5) stable-security; urgency=high

  * security fixes from Wireshark 1.4.10:
    - Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
      buffer overflow in the ERF file reader. (CVE-2011-4102)

Date: Tue, 22 Nov 2011 08:08:19 -0600
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Balint Reczey <balint at balintreczey.hu>
https://launchpad.net/ubuntu/maverick/+source/wireshark/1.2.11-6+squeeze5build0.10.10.1
-------------- next part --------------
Format: 1.8
Date: Tue, 22 Nov 2011 08:08:19 -0600
Source: wireshark
Binary: wireshark-common wireshark tshark wireshark-dev wireshark-dbg
Architecture: source
Version: 1.2.11-6+squeeze5build0.10.10.1
Distribution: maverick-security
Urgency: high
Maintainer: Balint Reczey <balint at balintreczey.hu>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 tshark     - network traffic analyzer - console version
 wireshark  - network traffic analyzer - GTK+ version
 wireshark-common - network traffic analyzer - common files
 wireshark-dbg - network traffic analyzer - debug symbols
 wireshark-dev - network traffic analyzer - development tools
Changes: 
 wireshark (1.2.11-6+squeeze5build0.10.10.1) maverick-security; urgency=low
 .
   * fake sync from Debian
 .
 wireshark (1.2.11-6+squeeze5) stable-security; urgency=high
 .
   * security fixes from Wireshark 1.4.10:
     - Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a
       buffer overflow in the ERF file reader. (CVE-2011-4102)
Checksums-Sha1: 
 54dcf1c871b70c3f515da40a11f98635b796848e 2443 wireshark_1.2.11-6+squeeze5build0.10.10.1.dsc
 f53b2eca98e31c88266a3dc53e8655a13c76cb0c 76624 wireshark_1.2.11-6+squeeze5build0.10.10.1.debian.tar.gz
Checksums-Sha256: 
 373b4eaa5881f3e742f080d6d3d55671fff6b8a065a0db33df4155cfc32813b3 2443 wireshark_1.2.11-6+squeeze5build0.10.10.1.dsc
 4e5b9f506c7cd8b736b1c56f6f0ad4a7a1585b014733a9d53621851d93d8cb57 76624 wireshark_1.2.11-6+squeeze5build0.10.10.1.debian.tar.gz
Files: 
 d155effffb3252d56d3202db87425c08 2443 net optional wireshark_1.2.11-6+squeeze5build0.10.10.1.dsc
 378e683f331239b535ca29df50a551ed 76624 net optional wireshark_1.2.11-6+squeeze5build0.10.10.1.debian.tar.gz

From evan at ebroder.net  Thu Nov 24 05:55:57 2011
From: evan at ebroder.net (Evan Broder)
Date: Thu, 24 Nov 2011 05:55:57 -0000
Subject: [ubuntu/maverick-proposed] hedgewars 0.9.17-1~maverick0.1 (Accepted)
Message-ID: <20111124055557.23787.76009.launchpad@chaenomeles.canonical.com>

hedgewars (0.9.17-1~maverick0.1) maverick-proposed; urgency=low

  * Backport 0.9.17-1 to Maverick to fix network play (LP: #852603):
    - debian/patches/haskell-backwards-compat.patch: Replace or
      reimplement functions used by the server that weren't available in
      Maverick's Haskell stack
    - Drop libghc-bytestring-show-dev build-dependency.
    - Add 6's to get libghc6-deepseq-dev, libghc6-utf8-string-dev
      build-dependencies
    - Change libghc6-network-dev build-dependency to libghc6-network-bytestring-dev

Date: Tue, 22 Nov 2011 04:49:51 -0800
Changed-By: Evan Broder <evan at ebroder.net>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/hedgewars/0.9.17-1~maverick0.1
-------------- next part --------------
Format: 1.8
Date: Tue, 22 Nov 2011 04:49:51 -0800
Source: hedgewars
Binary: hedgewars hedgewars-data
Architecture: source
Version: 0.9.17-1~maverick0.1
Distribution: maverick-proposed
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Evan Broder <evan at ebroder.net>
Description: 
 hedgewars  - Worms style game
 hedgewars-data - Data files for hedgewars
Launchpad-Bugs-Fixed: 852603
Changes: 
 hedgewars (0.9.17-1~maverick0.1) maverick-proposed; urgency=low
 .
   * Backport 0.9.17-1 to Maverick to fix network play (LP: #852603):
     - debian/patches/haskell-backwards-compat.patch: Replace or
       reimplement functions used by the server that weren't available in
       Maverick's Haskell stack
     - Drop libghc-bytestring-show-dev build-dependency.
     - Add 6's to get libghc6-deepseq-dev, libghc6-utf8-string-dev
       build-dependencies
     - Change libghc6-network-dev build-dependency to libghc6-network-bytestring-dev
Checksums-Sha1: 
 fbaeefab0af83421741d7de161daf3e7f85504e2 2359 hedgewars_0.9.17-1~maverick0.1.dsc
 2c5642c1026228c982f563598fb1870a35c68f63 75457 hedgewars_0.9.17-1~maverick0.1.debian.tar.gz
Checksums-Sha256: 
 e45f282c311e560aaaee0c6c86e059d148707a9dc59ce06764f13e59ebccf773 2359 hedgewars_0.9.17-1~maverick0.1.dsc
 e24677caf10e49c383609e68da993963ed4be8d36cc61d13a8b3a1bdb2c51773 75457 hedgewars_0.9.17-1~maverick0.1.debian.tar.gz
Files: 
 553f9283741e28eee271cd44e74a57a4 2359 games extra hedgewars_0.9.17-1~maverick0.1.dsc
 566531b4e2e5d43effbff8f16bd3d3cd 75457 games extra hedgewars_0.9.17-1~maverick0.1.debian.tar.gz
Original-Maintainer: Dmitry E. Oboukhov <unera at debian.org>

From jean-louis at dupond.be  Thu Nov 24 06:15:50 2011
From: jean-louis at dupond.be (Jean-Louis Dupond)
Date: Thu, 24 Nov 2011 06:15:50 -0000
Subject: [ubuntu/maverick-proposed] papyon 0.5.1-0ubuntu2.3 (Accepted)
Message-ID: <20111124061550.23266.71962.launchpad@chaenomeles.canonical.com>

papyon (0.5.1-0ubuntu2.3) maverick-proposed; urgency=low

  * debian/patches/11_lp_887349.patch:
    - Fix patch so it applies cleanly. (LP: #887349)

Date: Mon, 14 Nov 2011 10:08:55 +0100
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Signed-By: Martin Pitt <martin.pitt at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/papyon/0.5.1-0ubuntu2.3
-------------- next part --------------
Format: 1.8
Date: Mon, 14 Nov 2011 10:08:55 +0100
Source: papyon
Binary: python-papyon
Architecture: source
Version: 0.5.1-0ubuntu2.3
Distribution: maverick-proposed
Urgency: low
Maintainer: Devid Antonio Filoni <d.filoni at ubuntu.com>
Changed-By: Jean-Louis Dupond <jean-louis at dupond.be>
Description: 
 python-papyon - MSN client library written in Python
Launchpad-Bugs-Fixed: 887349
Changes: 
 papyon (0.5.1-0ubuntu2.3) maverick-proposed; urgency=low
 .
   * debian/patches/11_lp_887349.patch:
     - Fix patch so it applies cleanly. (LP: #887349)
Checksums-Sha1: 
 106030c17998431e60aa49ce7444eca995b88e37 2175 papyon_0.5.1-0ubuntu2.3.dsc
 660e345d87d7f114ec8def609583c9ca54ab7bef 5383 papyon_0.5.1-0ubuntu2.3.diff.gz
Checksums-Sha256: 
 5246573d11ddffdbadb88d120b142154d1d34719b7ce12a2017abbd32885880c 2175 papyon_0.5.1-0ubuntu2.3.dsc
 9825b16fb04901bbf322694d0db77c0f25582e1de897a2d771634a7433893e7e 5383 papyon_0.5.1-0ubuntu2.3.diff.gz
Files: 
 5d99b1e105c6ab7f7a1fd019d9c82b7a 2175 python optional papyon_0.5.1-0ubuntu2.3.dsc
 2deb184251cea3eca9ac6b267f4be605 5383 python optional papyon_0.5.1-0ubuntu2.3.diff.gz

From michael.vogt at ubuntu.com  Mon Nov 28 05:14:34 2011
From: michael.vogt at ubuntu.com (Michael Vogt)
Date: Mon, 28 Nov 2011 05:14:34 -0000
Subject: [ubuntu/maverick-proposed] software-center 3.0.11 (Accepted)
Message-ID: <20111128051434.13905.61825.launchpad@gac.canonical.com>

software-center (3.0.11) maverick-proposed; urgency=low

  * cherry pick fix to allow webkit to create additional windows
    during the purchase - this is needed to support PayPal in the
    purchase process (LP: #893988)

Date: Thu, 24 Nov 2011 09:48:13 +0100
Changed-By: Michael Vogt <michael.vogt at ubuntu.com>
Maintainer: Michael Vogt <mvo at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/software-center/3.0.11
-------------- next part --------------
Format: 1.8
Date: Thu, 24 Nov 2011 09:48:13 +0100
Source: software-center
Binary: software-center
Architecture: source
Version: 3.0.11
Distribution: maverick-proposed
Urgency: low
Maintainer: Michael Vogt <mvo at ubuntu.com>
Changed-By: Michael Vogt <michael.vogt at ubuntu.com>
Description: 
 software-center - Utility for browsing, installing, and removing applications
Launchpad-Bugs-Fixed: 893988
Changes: 
 software-center (3.0.11) maverick-proposed; urgency=low
 .
   * cherry pick fix to allow webkit to create additional windows
     during the purchase - this is needed to support PayPal in the
     purchase process (LP: #893988)
Checksums-Sha1: 
 344e660a4e5b13e3657ccda67202427e9f76dd93 1076 software-center_3.0.11.dsc
 c84eec69848d6bc0b6b8397e68db3d932070804d 625037 software-center_3.0.11.tar.gz
Checksums-Sha256: 
 2103c0f66f5def5dca556ab241c9dd02b3abe5e44f37f1b916967a71a02576e0 1076 software-center_3.0.11.dsc
 4444d0c8facf66621a104e1ad43d3f000e501e7901a1100520e149e96b18c229 625037 software-center_3.0.11.tar.gz
Files: 
 29634f1ab32c24f8a7d71a366718b733 1076 gnome optional software-center_3.0.11.dsc
 a88a4081af7a5ad9e61e46135788608a 625037 gnome optional software-center_3.0.11.tar.gz

From marc.deslauriers at ubuntu.com  Mon Nov 28 15:05:37 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 28 Nov 2011 15:05:37 -0000
Subject: [ubuntu/maverick-security]
	apt_0.8.3ubuntu7.3_armel_translations.tar.gz,
	apt_0.8.3ubuntu7.3_powerpc_translations.tar.gz,
	apt_0.8.3ubuntu7.3_amd64_translations.tar.gz, apt,
	apt_0.8.3ubuntu7.3_i386_translations.tar.gz 0.8.3ubuntu7.3 (Accepted)
Message-ID: <20111128150537.23221.19074.launchpad@cocoplum.canonical.com>

apt (0.8.3ubuntu7.3) maverick-security; urgency=low

  * SECURITY UPDATE: sensitive information disclosure via incorrect
    hostname validation (LP: #868353)
    - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
    - CVE-2011-3634
  * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
    - cmdline/apt-key: improve key validation.

Date: Tue, 22 Nov 2011 13:50:41 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/apt/0.8.3ubuntu7.3
-------------- next part --------------
Format: 1.8
Date: Tue, 22 Nov 2011 13:50:41 -0500
Source: apt
Binary: apt apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 0.8.3ubuntu7.3
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 apt        - Advanced front-end for dpkg
 apt-doc    - Documentation for APT
 apt-transport-https - APT https transport
 apt-utils  - APT utility programs
 libapt-pkg-dev - Development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - Documentation for APT development
Launchpad-Bugs-Fixed: 857472 868353
Changes: 
 apt (0.8.3ubuntu7.3) maverick-security; urgency=low
 .
   * SECURITY UPDATE: sensitive information disclosure via incorrect
     hostname validation (LP: #868353)
     - methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
     - CVE-2011-3634
   * SECURITY UPDATE: Restore apt-ket net-update functionality (LP: #857472)
     - cmdline/apt-key: improve key validation.
Checksums-Sha1: 
 f8bb1da75bb4d34b74c79082b10cb6f5d5ecbebf 2037 apt_0.8.3ubuntu7.3.dsc
 a23c82c8b6628faaeef300d59731012c87dcaa51 3144354 apt_0.8.3ubuntu7.3.tar.gz
Checksums-Sha256: 
 788a0bebf74e2234fd8e5b1dc874bff915123baeca94eb1981c51fb50208f1b7 2037 apt_0.8.3ubuntu7.3.dsc
 4a6069acad519399825dba7d56af2d62d2046dc4364c840ee71fd0936e560fd5 3144354 apt_0.8.3ubuntu7.3.tar.gz
Files: 
 e5f507f34e4552c56ca9df8054fb6886 2037 admin important apt_0.8.3ubuntu7.3.dsc
 7ee2a3eaf85c8f6fc2058647d652dfb5 3144354 admin important apt_0.8.3ubuntu7.3.tar.gz
Original-Maintainer: APT Development Team <deity at lists.debian.org>

From marc.deslauriers at ubuntu.com  Mon Nov 28 16:04:45 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 28 Nov 2011 16:04:45 -0000
Subject: [ubuntu/maverick-security]
	update-notifier_0.105ubuntu1.1_powerpc_translations.tar.gz,
	update-notifier_0.105ubuntu1.1_i386_translations.tar.gz,
	update-notifier_0.105ubuntu1.1_amd64_translations.tar.gz,
	update-notifier,
	update-notifier_0.105ubuntu1.1_armel_translations.tar.gz 0.105ubuntu1.1
	(Accepted)
Message-ID: <20111128160445.13971.6575.launchpad@cocoplum.canonical.com>

update-notifier (0.105ubuntu1.1) maverick-security; urgency=low

  * SECURITY UPDATE: hotfix for arbitrary code execution via directory
    traversal in update-manager on iso media (LP: #881548)
    - data/cddistupgrader: patch update-manager that is pulled off an
      upgrade cd.
    - debian/update-manager-downloader-fix2.diff: hotfix to verify
      signature before unpacking the tarball in
      UpdateManager/Core/DistUpgradeFetcherCore.py.
    - debian/update-notifier-common.*: ship new hotfix in package.
    - CVE-2011-3152

Date: Thu, 24 Nov 2011 12:58:59 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/update-notifier/0.105ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Thu, 24 Nov 2011 12:58:59 -0500
Source: update-notifier
Binary: update-notifier update-notifier-common
Architecture: source
Version: 0.105ubuntu1.1
Distribution: maverick-security
Urgency: low
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 update-notifier - Daemon which notifies about package updates
 update-notifier-common - Files shared between update-notifier and adept
Launchpad-Bugs-Fixed: 881548
Changes: 
 update-notifier (0.105ubuntu1.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: hotfix for arbitrary code execution via directory
     traversal in update-manager on iso media (LP: #881548)
     - data/cddistupgrader: patch update-manager that is pulled off an
       upgrade cd.
     - debian/update-manager-downloader-fix2.diff: hotfix to verify
       signature before unpacking the tarball in
       UpdateManager/Core/DistUpgradeFetcherCore.py.
     - debian/update-notifier-common.*: ship new hotfix in package.
     - CVE-2011-3152
Checksums-Sha1: 
 0212b24e6cdfcc977207661f4ecf7a3ce3e9dbea 1707 update-notifier_0.105ubuntu1.1.dsc
 f3df23a218ee51194733ddf1613c472cde525a08 247026 update-notifier_0.105ubuntu1.1.tar.gz
Checksums-Sha256: 
 7a2841604c69d4e24502750523b710342ca09c501962b4fae0f260935f7a64b7 1707 update-notifier_0.105ubuntu1.1.dsc
 c30b7ea65c64cd418fad90e593969d875e5006a5db3802b7ee7aa0b348b410ee 247026 update-notifier_0.105ubuntu1.1.tar.gz
Files: 
 08e85043ec57394f3420e2ceba15ca51 1707 gnome optional update-notifier_0.105ubuntu1.1.dsc
 a36dc34c629996a6aa169bc019d0090e 247026 gnome optional update-notifier_0.105ubuntu1.1.tar.gz

From marc.deslauriers at ubuntu.com  Mon Nov 28 16:05:19 2011
From: marc.deslauriers at ubuntu.com (Marc Deslauriers)
Date: Mon, 28 Nov 2011 16:05:19 -0000
Subject: [ubuntu/maverick-security] update-manager,
	update-manager_0.142.23.1_powerpc_translations.tar.gz,
	update-manager_0.142.23.1_armel_translations.tar.gz,
	dist-upgrader_0.142.23.1_all.tar.gz,
	update-manager_0.142.23.1_amd64_translations.tar.gz,
	update-manager_0.142.23.1_i386_translations.tar.gz 1:0.142.23.1
	(Accepted)
Message-ID: <20111128160519.13971.75453.launchpad@cocoplum.canonical.com>

update-manager (1:0.142.23.1) maverick-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via directory traversal
    (LP: #881548)
    - UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
      unpacking the tarball.
    - CVE-2011-3152
  * SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
    - DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
    - CVE-2011-3154

Date: Wed, 23 Nov 2011 09:29:26 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/update-manager/1:0.142.23.1
-------------- next part --------------
Format: 1.8
Date: Wed, 23 Nov 2011 09:29:26 -0500
Source: update-manager
Binary: update-manager-core update-manager update-manager-hildon update-manager-text update-manager-kde auto-upgrade-tester
Architecture: source
Version: 1:0.142.23.1
Distribution: maverick-security
Urgency: low
Maintainer: Michael Vogt <michael.vogt at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 auto-upgrade-tester - Test release upgrades in a virtual environment
 update-manager - GNOME application that manages apt updates
 update-manager-core - manage release upgrades
 update-manager-hildon - Hildon application that manages apt updates
 update-manager-kde - Support modules for KPackageKit
 update-manager-text - Text application that manages apt updates
Launchpad-Bugs-Fixed: 881541 881548
Changes: 
 update-manager (1:0.142.23.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: arbitrary code execution via directory traversal
     (LP: #881548)
     - UpdateManager/Core/DistUpgradeFetcherCore.py: verify signature before
       unpacking the tarball.
     - CVE-2011-3152
   * SECURITY UPDATE: information leak via insecure temp file (LP: #881541)
     - DistUpgrade/DistUpgradeViewKDE.py: use mkstemp instead of mktemp.
     - CVE-2011-3154
Checksums-Sha1: 
 bf43c9c146d8a49322eb21d823f71e7c1279a1e1 1858 update-manager_0.142.23.1.dsc
 4523e062955304ff6f0dd13c19344215b36be194 2914353 update-manager_0.142.23.1.tar.gz
Checksums-Sha256: 
 c4369629acf1e7a55c172f5b89a8d649bf1ddb57f53058968daa4cf418061bd1 1858 update-manager_0.142.23.1.dsc
 174e71009dbf5b9f01ada2767216b46792c4616261843aca6a562a638fb75556 2914353 update-manager_0.142.23.1.tar.gz
Files: 
 881c94cff640b3aa75c7a9ffa7288d23 1858 gnome optional update-manager_0.142.23.1.dsc
 da07aa491b92180d202c1fb95cc41a2c 2914353 gnome optional update-manager_0.142.23.1.tar.gz

From winckler at campogeral.com.br  Wed Nov 30 17:03:32 2011
From: winckler at campogeral.com.br (Gabriel A. von Winckler)
Date: Wed, 30 Nov 2011 17:03:32 -0000
Subject: [ubuntu/maverick-security]
	phpldapadmin_1.2.0.5-1.1ubuntu1.1_i386_translations.tar.gz,
	phpldapadmin 1.2.0.5-1.1ubuntu1.1 (Accepted)
Message-ID: <20111130170332.6011.50271.launchpad@cocoplum.canonical.com>

phpldapadmin (1.2.0.5-1.1ubuntu1.1) maverick-security; urgency=high

  * Merge from debian security updates. (LP: #887290)
    - CVE-2011-4074 Fix XSS vulnerability in debug code
    - CVE-2011-4075 Fix arbitrary code execution by unauthenticated users

Date: Thu, 24 Nov 2011 14:39:09 -0200
Changed-By: Gabriel A. von Winckler <winckler at campogeral.com.br>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/phpldapadmin/1.2.0.5-1.1ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Thu, 24 Nov 2011 14:39:09 -0200
Source: phpldapadmin
Binary: phpldapadmin
Architecture: source
Version: 1.2.0.5-1.1ubuntu1.1
Distribution: maverick-security
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Gabriel A. von Winckler <winckler at campogeral.com.br>
Description: 
 phpldapadmin - web based interface for administering LDAP servers
Launchpad-Bugs-Fixed: 887290
Changes: 
 phpldapadmin (1.2.0.5-1.1ubuntu1.1) maverick-security; urgency=high
 .
   * Merge from debian security updates. (LP: #887290)
     - CVE-2011-4074 Fix XSS vulnerability in debug code
     - CVE-2011-4075 Fix arbitrary code execution by unauthenticated users
Checksums-Sha1: 
 6b1a05f6a1c2c06e958dd6235c19782a6823e5bd 1795 phpldapadmin_1.2.0.5-1.1ubuntu1.1.dsc
 d006afa6db7bdc5a471276de881113513f7f93dc 27064 phpldapadmin_1.2.0.5-1.1ubuntu1.1.diff.gz
Checksums-Sha256: 
 3a93b47cc473144dc04441bb46ed59a7f195db969853533e85c6daf48166f2b9 1795 phpldapadmin_1.2.0.5-1.1ubuntu1.1.dsc
 1ccaf9a830370e5b5d5ce839320572444e694f01c5693ec18cceba12af970d72 27064 phpldapadmin_1.2.0.5-1.1ubuntu1.1.diff.gz
Files: 
 96c0767335e58a199da62ac638840ceb 1795 admin extra phpldapadmin_1.2.0.5-1.1ubuntu1.1.dsc
 fb1fd74d19864a91e2d3b46fa387a02d 27064 admin extra phpldapadmin_1.2.0.5-1.1ubuntu1.1.diff.gz
Original-Maintainer: Fabio Tranchitella <kobold at debian.org>