Branches for Precise

Author: Balint Reczey
Revision Date: 2019-03-19 13:28:10 UTC

Moved to git at https://git.launchpad.net/software-properties

Author: James Page
Revision Date: 2017-04-10 09:14:00 UTC

Handle instance adding on startup better

Author: Dimitri John Ledkov
Revision Date: 2017-04-28 15:04:47 UTC

Initial Release. LP: #1686183

Author: Dimitri John Ledkov
Revision Date: 2017-04-28 15:04:47 UTC

Initial Release. LP: #1686183

Author: Thadeu Lima de Souza Cascardo
Revision Date: 2017-02-08 16:00:00 UTC

linux ABI 3.2.0-1500

Author: Ben Romer
Revision Date: 2017-02-06 11:14:05 UTC

Bump ABI

Author: Marc Deslauriers
Revision Date: 2017-01-18 08:37:01 UTC

* SECURITY UPDATE: Update to 5.5.54 to fix security issues
  - CVE-2017-3238
  - CVE-2017-3243
  - CVE-2017-3244
  - CVE-2017-3258
  - CVE-2017-3265
  - CVE-2017-3291
  - CVE-2017-3312
  - CVE-2017-3313
  - CVE-2017-3317
  - CVE-2017-3318
* debian/patches/fix_test_events_2.patch: fix date in test.

Author: Marc Deslauriers
Revision Date: 2017-01-18 08:37:01 UTC

* SECURITY UPDATE: Update to 5.5.54 to fix security issues
  - CVE-2017-3238
  - CVE-2017-3243
  - CVE-2017-3244
  - CVE-2017-3258
  - CVE-2017-3265
  - CVE-2017-3291
  - CVE-2017-3312
  - CVE-2017-3313
  - CVE-2017-3317
  - CVE-2017-3318
* debian/patches/fix_test_events_2.patch: fix date in test.

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-12 15:07:11 UTC

Master Version 3.13.0-108.155~precise1

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-11 13:26:59 UTC

linux ABI 3.13.0-108

Author: John Donnelly
Revision Date: 2017-01-10 14:12:27 UTC

linux ABI 3.2.0-1499

Author: John Donnelly
Revision Date: 2017-01-10 14:12:27 UTC

linux ABI 3.2.0-1499

Author: John Donnelly
Revision Date: 2017-01-09 11:14:17 UTC

Bump ABI

Author: John Donnelly
Revision Date: 2017-01-09 11:14:17 UTC

Bump ABI

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

Author: Joshua Powers
Revision Date: 2016-10-25 21:47:49 UTC

Add (Ubuntu) zesty as a symlink to gutsy. (LP: #1636583)

Author: Felipe Reyes
Revision Date: 2016-09-13 17:03:17 UTC

Skip empty lines when iterating hosts file

If the hosts file contains empty lines a list index out of range exception
is raised

Traceback (most recent call last):
  File "/usr/bin/serverstack-tenant-dns", line 256, in <module>
    add_current_instances()
  File "/usr/bin/serverstack-tenant-dns", line 144, in add_current_instances
    add_host_entry(hostname, ip_addr, "")
  File "/usr/bin/serverstack-tenant-dns", line 81, in add_host_entry
    hn = _hostname[1]
IndexError: list index out of range

Author: Emily Ratliff
Revision Date: 2016-09-09 14:45:49 UTC

* SECURITY UPDATE: Fixes for buffer overflows
  - PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
  - CVE-2016-0775
  - CVE-2016-2533
  - CVE-2014-3596
  - Kudos to Andrew Drake and Eric Soroos for discovering these issues.

Author: Emily Ratliff
Revision Date: 2016-09-09 14:45:49 UTC

* SECURITY UPDATE: Fixes for buffer overflows
  - PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
  - CVE-2016-0775
  - CVE-2016-2533
  - CVE-2014-3596
  - Kudos to Andrew Drake and Eric Soroos for discovering these issues.

Author: Marc Deslauriers
Revision Date: 2016-08-17 13:41:27 UTC

* SECURITY UPDATE: random number generator prediction
  - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
    random mixing in random/random-csprng.c.
  - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
    csprng pool in random/random-csprng.c.
  - CVE-2016-6313

Author: Marc Deslauriers
Revision Date: 2016-08-17 13:41:27 UTC

* SECURITY UPDATE: random number generator prediction
  - debian/patches/CVE-2016-6313-1.patch: improve the diagram showing the
    random mixing in random/random-csprng.c.
  - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
    csprng pool in random/random-csprng.c.
  - CVE-2016-6313

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

Author: Donald Siuchninski
Revision Date: 2012-07-30 04:06:12 UTC

debian/control: Changed a typo in the package description; changed 'of' to 'for' (LP: #306178)

Author: Pali
Revision Date: 2016-05-21 08:19:21 UTC

Upgrade to version 1.7.0-2 from Debian

Author: Marc Deslauriers
Revision Date: 2016-04-26 14:20:41 UTC

* SECURITY UPDATE: infinite loop via malformed DER cert
  - debian/patches/CVE-2016-4008-1.patch: catch invalid input cases early
    in lib/decoding.c.
  - debian/patches/CVE-2016-4008-2.patch: properly account bytes read in
    lib/decoding.c.
  - CVE-2016-4008

Author: Marc Deslauriers
Revision Date: 2016-04-26 14:20:41 UTC

* SECURITY UPDATE: infinite loop via malformed DER cert
  - debian/patches/CVE-2016-4008-1.patch: catch invalid input cases early
    in lib/decoding.c.
  - debian/patches/CVE-2016-4008-2.patch: properly account bytes read in
    lib/decoding.c.
  - CVE-2016-4008

Author: Scott Moser
Revision Date: 2016-04-25 20:53:28 UTC

releasing package cloud-init version 0.6.3-0ubuntu1.25

Author: Marc Deslauriers
Revision Date: 2016-04-14 14:17:20 UTC

fake sync from Debian

Author: Marc Deslauriers
Revision Date: 2016-04-14 14:17:20 UTC

fake sync from Debian

Author: Steve Beattie
Revision Date: 2016-04-08 23:59:46 UTC

* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
  functions
  - debian/patches/any/CVE-2015-1781.diff: take alignment padding
    into account when computing if buffer is too small.
  - CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
  - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
    database during iteration.
  - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
    between getXXent and getXXbyYY NSS calls.
  - CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
  conversion
  - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
    of NaN payloads.
  - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
    handling of payload strings
  - CVE-2014-9761
* SECURITY UPDATE: out of range data to strftime() causes segfault
  (denial of service)
  - debian/patches/any/CVE-2015-8776.diff: add range checks to
    strftime() processing
  - CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
  AT_SECURE programs (e.g. setuid), allowing disabling of pointer
  mangling
  - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
    guard
  - CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
  - debian/patches/any/CVE-2015-8778.diff: check for large inputs
  - CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
  - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
    alloca()
  - CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
  - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
    memory copy on the stack.
  - CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
  - debian/patches/any/CVE-2016-2856-pre.diff: add option to
    enable/disable pt_chown.
  - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
    about pty group and permission mode
  - debian/debhelper.in/libc-bin.install: drop installation of
    pt_chown
  - CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
  security updates (LP: #1546457)

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330

Author: Marc Deslauriers
Revision Date: 2016-04-01 08:30:13 UTC

* SECURITY UPDATE: invalid memory access via crafted MJPEG data
  - debian/patches/CVE-2014-8541.patch: check for pixel format changes in
    libavcodec/mjpegdec.c.
  - CVE-2014-8541
* SECURITY UPDATE: out of array access in ff_mjpeg_decode_sof
  - debian/patches/CVE-2015-1872.patch: check number of components in
    libavcodec/mjpegdec.c.
  - CVE-2015-1872
* SECURITY UPDATE: out of bounds array access in msrle_decode_pal4
  - debian/patches/CVE-2015-3395.patch: determine frame size in
    libavcodec/msrledec.c.
  - CVE-2015-3395
* SECURITY UPDATE: size issue in ff_h263_decode_picture_header
  - debian/patches/CVE-2015-5479.patch: check both dimensions in
    libavcodec/ituh263dec.c.
  - CVE-2015-5479
* SECURITY UPDATE: out of bounds array access in decode_ihdr_chunk
  - debian/patches/CVE-2015-6818.patch: only allow one IHDR chunk in
    libavcodec/pngdec.c.
  - CVE-2015-6818
* SECURITY UPDATE: out of bounds array access in ff_sbr_apply
  - debian/patches/CVE-2015-6820.patch: check that the element type
    matches in libavcodec/aacsbr.c, libavcodec/sbr.h.
  - CVE-2015-6820
* SECURITY UPDATE: uninitialized memory access in sws_init_context
  - debian/patches/CVE-2015-6824.patch: clear buffers in
    libswscale/utils.c
  - CVE-2015-6824
* SECURITY UPDATE: invalid pointer use in ff_rv34_decode_init_thread_copy
  - debian/patches/CVE-2015-6826.patch: clear pointers in
    libavcodec/rv34.c.
  - CVE-2015-6826
* SECURITY UPDATE: integer overflow in ff_ivi_init_planes
  - debian/patches/CVE-2015-8364.patch: check image dimensions in
    libavcodec/ivi_common.c.
  - CVE-2015-8364
* SECURITY UPDATE: out of bounds array access in smka_decode_frame
  - debian/patches/CVE-2015-8365.patch: validate data size in
    libavcodec/smacker.c.
  - CVE-2015-8365
* SECURITY UPDATE: cross-origin attack and arbitrary file read via the
  concat protocol
  - debian/confflags: disable concat protocol.
  - CVE-2016-1897
  - CVE-2016-1898
* SECURITY UPDATE: integer overflow in asf_write_packet
  - debian/patches/CVE-2016-2326.patch: check pts in
    libavformat/asfenc.c.
  - CVE-2016-2326
* SECURITY UPDATE: out of bounds array access via tga file
  - debian/patches/CVE-2016-2330.patch: fix lzw buffer size in
    libavcodec/gif.c.
  - CVE-2016-2330

Author: Brian Murray
Revision Date: 2015-11-09 13:34:23 UTC

src/whoopsie.c: Move UnreportableReason from fields we don't send to
errors to fields we do, that way we know apport's opinion of the crash.
(LP: #1382233)

Author: Marc Deslauriers
Revision Date: 2016-02-05 13:51:23 UTC

debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.

Author: Laurent Sesquès
Revision Date: 2016-02-12 07:35:19 UTC

[sajoupa] Avoiding regressions when rrd's version is incremented

Author: Marc Deslauriers
Revision Date: 2016-02-05 13:51:23 UTC

debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.

Author: Mihai Moldovan
Revision Date: 2016-01-24 14:39:43 UTC

Merge with current precise package.

Changes:
* debian/patches: Add 0001fix-snapshot-restore.patch (LP: #1311497).
* debian/rules: Add dh_quilt_patch/dh_quilt_unpatch. Needed to apply
  patches.
* debian/control: Add quilt to Build-Depends. Needed to apply patches.

dbgsym patch applied on top, version number adapted.

Author: Joseph S Tate
Revision Date: 2015-12-11 02:39:39 UTC

More lint fixes

Author: Jorge Niedbalski
Revision Date: 2015-11-18 14:31:10 UTC

Defaults to false, non invasive change

Author: Brian Murray
Revision Date: 2015-11-09 13:34:23 UTC

src/whoopsie.c: Move UnreportableReason from fields we don't send to
errors to fields we do, that way we know apport's opinion of the crash.
(LP: #1382233)

Author: Brian Murray
Revision Date: 2015-11-06 15:30:31 UTC

releasing package apport version 2.0.1-0ubuntu17.14

Author: Steve Beattie
Revision Date: 2015-10-15 18:35:20 UTC

* SECURITY UPDATE: buffer overflow in XML parser (LP: #1506017)
  - igd_desc_parse.c: fix buffer overflow in
  - https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
  - CVE-2015-6031

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

Author: Adam Conrad
Revision Date: 2015-10-20 11:01:03 UTC

New upstream release with future timestamp updates for Fiji, Norfolk
Island, and Turkey, and a new timezone for Fort Nelson (LP: #1502058)

Author: Julian Ladisch
Revision Date: 2015-10-16 10:14:29 UTC

* Fix security issues:
  - CVE-2014-1879: Self-XSS due to unescaped HTML output in import.
    LP: #1441590
  - CVE-2013-5003: SQL injection vulnerabilities (control user) (3.4.x is not affected).
  - CVE-2013-5002: Self-XSS due in schema export (3.4.x is not affected).
  - CVE-2013-4996: XSS in Logo Link and Trusted Proxy List (3.4.x is not affected).
  - CVE-2013-4995: XSS in HTML Output when executing a SQL query (3.4.x is not affected).
* Fix security issue:
  - CVE-2013-3239: Locally Saved SQL Dump File Multiple File Extension
    Remote Code Execution (3.4.x is not affected).
* New upstream security release.
  - CVE-2012-4345, CVE-2012-4579: Multiple XSS in Table operations,
    Database structure, Trigger and Visualize GIS data pages.
    LP: #1441587
* New upstream release.
* Add alternative dependency to php5-mysqlnd (closes: #665812).
* New upstream release.
  - CVE-2012-1902: Path disclosure due to missing verification of file presence.
    LP: #1441568
* Checked for policy 3.9.3, no changes.

Author: Tiago Stürmer Daitx
Revision Date: 2015-10-14 02:54:20 UTC

d/squid3.upstart: Use SIGINT to terminate squid and wait at most 40
seconds for it to finish. (LP: #1073478)

Author: Steve Beattie
Revision Date: 2015-10-15 18:35:20 UTC

* SECURITY UPDATE: buffer overflow in XML parser (LP: #1506017)
  - igd_desc_parse.c: fix buffer overflow in
  - https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78
  - CVE-2015-6031

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

Author: Marc Deslauriers
Revision Date: 2015-10-01 09:05:17 UTC

* SECURITY UPDATE: improper certificate hostname verification
  - debian/patches/06_fix_CVE-2012-5783.patch: fix CN extraction and
    wildcard verification in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - debian/patches/CVE-2014-3577.patch: fix Common Name logic in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2012-5783
  - CVE-2012-6153
  - CVE-2014-3577
* SECURITY UPDATE: denial of service via failure to set socket timeout
  - debian/patches/CVE-2015-5262.patch: respect configured timeout in
    src/java/org/apache/commons/httpclient/protocol/SSLProtocolSocketFactory.java.
  - CVE-2015-5262
* debian/ant.properties: bump version to 1.5 to handle security fixes.

Author: Steve Beattie
Revision Date: 2015-10-10 07:55:26 UTC

* SECURITY UPDATE: Heap overflow and DoS with tga files
  - debian/patches/CVE-2015-7673-1.patch: pass on OOM conditions in
    make_weights functions in gdk-pixbuf/pixops/pixops.c
  - debian/patches/CVE-2015-7673-2.patch: Wrap TGAColormap struct in
    its own API in gdk-pixbuf/io-tga.c
  - debian/patches/CVE-2015-7673-3.patch: always parse colormaps in
    gdk-pixbuf/io-tga.c
* SECURITY UPDATE: heap overflow when scaling GIF images
  - debian/patches/CVE-2015-767.patch: ensure variables are large
    enough when shifting bits in gdk-pixbuf/pixops/pixops.c

Author: Steve Beattie
Revision Date: 2015-10-10 07:55:26 UTC

* SECURITY UPDATE: Heap overflow and DoS with tga files
  - debian/patches/CVE-2015-7673-1.patch: pass on OOM conditions in
    make_weights functions in gdk-pixbuf/pixops/pixops.c
  - debian/patches/CVE-2015-7673-2.patch: Wrap TGAColormap struct in
    its own API in gdk-pixbuf/io-tga.c
  - debian/patches/CVE-2015-7673-3.patch: always parse colormaps in
    gdk-pixbuf/io-tga.c
* SECURITY UPDATE: heap overflow when scaling GIF images
  - debian/patches/CVE-2015-767.patch: ensure variables are large
    enough when shifting bits in gdk-pixbuf/pixops/pixops.c

Author: Robert C Jennings
Revision Date: 2015-10-02 09:43:15 UTC

* debian/patches/use_utf8_encoding.patch:
  - use utf8 encoding to be compatible with new tzdata versions
    (lp: #1473533)

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

Author: Brad Figg
Revision Date: 2015-10-05 14:20:57 UTC

[ Brad Figg ]

Bump ABI

Author: Robert C Jennings
Revision Date: 2015-10-02 09:43:15 UTC

* debian/patches/use_utf8_encoding.patch:
  - use utf8 encoding to be compatible with new tzdata versions
    (lp: #1473533)

Author: Marc Deslauriers
Revision Date: 2015-09-25 08:18:39 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  use-after-free
  - debian/patches/CVE-2015-7236.patch: fix memory corruption in
    PMAP_CALLIT code in src/rpcb_svc_com.c.
  - CVE-2015-7236

Author: Marc Deslauriers
Revision Date: 2015-09-30 07:35:45 UTC

dkms_apport.py: update to the recent apport.utils api changes
(lp: #1499842)

Author: Marc Deslauriers
Revision Date: 2015-09-30 07:35:45 UTC

dkms_apport.py: update to the recent apport.utils api changes
(lp: #1499842)

Author: Alberto Milone
Revision Date: 2015-08-27 16:59:02 UTC

* Initial release (replaces nvidia-graphics-drivers-331-updates).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-08-27 16:35:39 UTC

* Initial release (replaces nvidia-graphics-drivers-331).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-09-16 16:50:36 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-09-16 16:43:44 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-08-27 16:59:02 UTC

* Initial release (replaces nvidia-graphics-drivers-331-updates).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-08-27 16:35:39 UTC

* Initial release (replaces nvidia-graphics-drivers-331).
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Marc Deslauriers
Revision Date: 2015-09-25 08:18:39 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  use-after-free
  - debian/patches/CVE-2015-7236.patch: fix memory corruption in
    PMAP_CALLIT code in src/rpcb_svc_com.c.
  - CVE-2015-7236

Author: Andy Whitcroft
Revision Date: 2015-09-23 15:39:40 UTC

d/s/autopkgtest: only collect logs if there are any. (LP: #1498896)

Author: Marc Deslauriers
Revision Date: 2015-09-21 15:27:32 UTC

* data/handlers/nvidia.py:
  - Add support for nvidia-340 and nvidia-340-updates
* This package does _not_ contain the changes from 0.9.7-0ubuntu7.16 in
  precise-proposed.

Author: Marc Deslauriers
Revision Date: 2015-09-21 15:27:32 UTC

* data/handlers/nvidia.py:
  - Add support for nvidia-340 and nvidia-340-updates
* This package does _not_ contain the changes from 0.9.7-0ubuntu7.16 in
  precise-proposed.

Author: Timo Jyrinki
Revision Date: 2015-09-18 14:05:23 UTC

Use a more proper install method and only use the signatures from the upstream xpi

Author: Ben Howard
Revision Date: 2015-09-17 08:53:32 UTC

Drop 'depends' for cloud-init (LP: #1496730).

Author: Martin Pitt
Revision Date: 2015-09-11 15:06:10 UTC

0git-keymaps.patch: Add 0x88 to dell-touchpad to fix wireless switch on
Dell Latitude and Precision. (LP: #1441849)

Author: Ben Howard
Revision Date: 2015-09-17 08:53:32 UTC

Drop 'depends' for cloud-init (LP: #1496730).

Author: Alberto Milone
Revision Date: 2015-09-16 16:50:36 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Alberto Milone
Revision Date: 2015-09-16 16:43:44 UTC

[ Alberto Milone ]
* New upstream release:
  - Removed libvdpau and libvdpau_trace from the NVIDIA driver
    package. VDPAU is not supported on the legacy hardware
    supported on the release 304 legacy driver branch. The
    libvdpau_nvidia vendor library is still included, so users who
    wish to use VDPAU with newer hardware that still works with
    release 304 drivers may install libvdpau from packages provided
    by the OS vendor where available, or from the source code
    available at:
    http://people.freedesktop.org/~aplattner/vdpau/
* SECURITY UPDATE:
  - CVE-2015-5950 (LP: #1489391).

Author: Eric Desrochers
Revision Date: 2015-08-26 15:07:58 UTC

* Fix use-after-free in routing socket code (LP: #1481388)
  - debian/patches/use-after-free-in-routing-socket.patch
    fix logic in ntpd/ntp_io.c
* Fix to ignore ENOBUFS on routing netlink socket
  - debian/patches/ignore-ENOBUFS-on-routing-netlink-socket.patch
    fix logic in ntpd/ntp_io.c

Author: Martin Pitt
Revision Date: 2015-09-11 15:06:10 UTC

0git-keymaps.patch: Add 0x88 to dell-touchpad to fix wireless switch on
Dell Latitude and Precision. (LP: #1441849)

Author: Marc Deslauriers
Revision Date: 2015-09-10 07:10:41 UTC

* SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
  - debian/patches-freetype/savannah-bug-41309.patch: fix use of
    uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
    src/type1/t1load.c, src/type42/t42parse.c.
  - No CVE number
* SECURITY UPDATE: denial of service via infinite loop in parse_encode
  (LP: #1492124)
  - debian/patches-freetype/savannah-bug-41590.patch: protect against
    invalid charcode in src/type1/t1load.c.
  - No CVE number

Author: Marc Deslauriers
Revision Date: 2015-09-10 07:10:41 UTC

* SECURITY UPDATE: uninitialized memory reads (LP: #1449225)
  - debian/patches-freetype/savannah-bug-41309.patch: fix use of
    uninitialized data in src/cid/cidload.c, src/psaux/psobjs.c,
    src/type1/t1load.c, src/type42/t42parse.c.
  - No CVE number
* SECURITY UPDATE: denial of service via infinite loop in parse_encode
  (LP: #1492124)
  - debian/patches-freetype/savannah-bug-41590.patch: protect against
    invalid charcode in src/type1/t1load.c.
  - No CVE number

Author: Seyeong Kim
Revision Date: 2015-09-01 10:57:56 UTC

fix rule-violating lblk->pblk mappings on bigalloc filesystems (LP: #1321418)

Author: Marc Deslauriers
Revision Date: 2015-08-28 15:55:17 UTC

* SECURITY UPDATE: denial of service via out-of-bounds buffer access
  - debian/patches/CVE-2012-4428.patch: fix handling of string-list in
    common/slp_compare.c
  - CVE-2012-4428
* SECURITY UPDATE: denial of service via double free flaw
  - debian/patches/CVE-2015-5177.patch: fix double free if
    SLPDKnownDAAdd() fails in slpd/slpd_knownda.c.
  - CVE-2015-5177

Author: Marc Deslauriers
Revision Date: 2015-08-28 15:55:17 UTC

* SECURITY UPDATE: denial of service via out-of-bounds buffer access
  - debian/patches/CVE-2012-4428.patch: fix handling of string-list in
    common/slp_compare.c
  - CVE-2012-4428
* SECURITY UPDATE: denial of service via double free flaw
  - debian/patches/CVE-2015-5177.patch: fix double free if
    SLPDKnownDAAdd() fails in slpd/slpd_knownda.c.
  - CVE-2015-5177

Author: Marc Deslauriers
Revision Date: 2015-09-02 09:16:53 UTC

* SECURITY UPDATE: privilege escalation when used in setuid or setgid
  applications
  - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
    against directory traversal in configure.ac, src/Makefile.am,
    src/util.h, src/vdpau_wrapper.c, trace/vdpau_trace.cpp.
  - CVE-2015-5198
  - CVE-2015-5199
  - CVE-2015-5200

Author: Marc Deslauriers
Revision Date: 2015-09-02 09:16:53 UTC

* SECURITY UPDATE: privilege escalation when used in setuid or setgid
  applications
  - debian/patches/CVE-2015-5xxx.patch: use secure_getenv and protect
    against directory traversal in configure.ac, src/Makefile.am,
    src/util.h, src/vdpau_wrapper.c, trace/vdpau_trace.cpp.
  - CVE-2015-5198
  - CVE-2015-5199
  - CVE-2015-5200

Author: Marc Deslauriers
Revision Date: 2015-09-01 14:07:19 UTC

* SECURITY UPDATE: denial of service in DNSSEC-signed record validation
  via malformed keys
  - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
    lib/dns/ncache.c, lib/dns/openssldh_link.c,
    lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
    lib/dns/resolver.c.
  - CVE-2015-5722

Author: Marc Deslauriers
Revision Date: 2015-09-01 14:07:19 UTC

* SECURITY UPDATE: denial of service in DNSSEC-signed record validation
  via malformed keys
  - fix validation inlib/dns/hmac_link.c, lib/dns/include/dst/dst.h,
    lib/dns/ncache.c, lib/dns/openssldh_link.c,
    lib/dns/openssldsa_link.c, lib/dns/opensslrsa_link.c,
    lib/dns/resolver.c.
  - CVE-2015-5722

Author: Seyeong Kim
Revision Date: 2015-09-01 10:57:56 UTC

fix rule-violating lblk->pblk mappings on bigalloc filesystems (LP: #1321418)

Author: Marc Deslauriers
Revision Date: 2015-08-28 09:33:57 UTC

* SECURITY UPDATE: integer overflows in XML_GetBuffer
  - debian/patches/CVE-2015-1283.dpatch: add checks to lib/xmlparse.c.
  - CVE-2015-1283

Author: Marc Deslauriers
Revision Date: 2015-08-28 09:33:57 UTC

* SECURITY UPDATE: integer overflows in XML_GetBuffer
  - debian/patches/CVE-2015-1283.dpatch: add checks to lib/xmlparse.c.
  - CVE-2015-1283

Author: Chris Coulson
Revision Date: 2015-08-26 20:08:27 UTC

* New upstream release v1.8.2 to support Thunderbird 38
  - Fixes LP: #1489103 - Per-account settings missing after Thunderbird
    update

* Depend on gnupg2 instead of gnupg. Whilst this enigmail version still
  works with gnupg 1.4.*, it pops up an alert warning that it will be the
  last version to do so
  - update debian/control

Author: Chris Coulson
Revision Date: 2015-08-26 20:08:27 UTC

* New upstream release v1.8.2 to support Thunderbird 38
  - Fixes LP: #1489103 - Per-account settings missing after Thunderbird
    update

* Depend on gnupg2 instead of gnupg. Whilst this enigmail version still
  works with gnupg 1.4.*, it pops up an alert warning that it will be the
  last version to do so
  - update debian/control

Author: Marc Deslauriers
Revision Date: 2015-08-20 08:53:48 UTC

* SECURITY UPDATE: denial of service via non-existing REPORT request
  - debian/patches/CVE-2014-3580.patch: make sure repo paths are
    specified in subversion/mod_dav_svn/reports/deleted-rev.c,
    subversion/mod_dav_svn/reports/file-revs.c,
    subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/mod_dav_svn/reports/get-locations.c,
    subversion/mod_dav_svn/reports/log.c,
    subversion/mod_dav_svn/reports/mergeinfo.c.
  - CVE-2014-3580
* SECURITY UPDATE: denial of service via crafted parameter combinations
  - debian/patches/CVE-2015-0248.patch: properly handle missing revision
    numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/svnserve/serve.c.
  - CVE-2015-0248
* SECURITY UPDATE: svn:author property spoofing issue
  - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
    in subversion/mod_dav_svn/deadprops.c.
  - CVE-2015-0251
* SECURITY UPDATE: sensitive path information disclosure
  - debian/patches/CVE-2015-3187.patch: fix order in
    subversion/libsvn_repos/rev_hunt.c, added tests to
    subversion/tests/cmdline/authz_tests.py,
    subversion/tests/libsvn_repos/repos-test.c.
  - CVE-2015-3187

Author: Marc Deslauriers
Revision Date: 2015-08-20 08:53:48 UTC

* SECURITY UPDATE: denial of service via non-existing REPORT request
  - debian/patches/CVE-2014-3580.patch: make sure repo paths are
    specified in subversion/mod_dav_svn/reports/deleted-rev.c,
    subversion/mod_dav_svn/reports/file-revs.c,
    subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/mod_dav_svn/reports/get-locations.c,
    subversion/mod_dav_svn/reports/log.c,
    subversion/mod_dav_svn/reports/mergeinfo.c.
  - CVE-2014-3580
* SECURITY UPDATE: denial of service via crafted parameter combinations
  - debian/patches/CVE-2015-0248.patch: properly handle missing revision
    numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
    subversion/svnserve/serve.c.
  - CVE-2015-0248
* SECURITY UPDATE: svn:author property spoofing issue
  - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
    in subversion/mod_dav_svn/deadprops.c.
  - CVE-2015-0251
* SECURITY UPDATE: sensitive path information disclosure
  - debian/patches/CVE-2015-3187.patch: fix order in
    subversion/libsvn_repos/rev_hunt.c, added tests to
    subversion/tests/cmdline/authz_tests.py,
    subversion/tests/libsvn_repos/repos-test.c.
  - CVE-2015-3187