gmane.linux.ubuntu.devel.changes.intrepid

[ubuntu/intrepid-security] netpbm-free,netpbm-free (delayed) 2:10.0-12ubuntu0.8.10.1 (Accepted)

Ubuntu Installer — 2010-04-29T22:03:28

netpbm-free (2:10.0-12ubuntu0.8.10.1) intrepid-security; urgency=low

  * SECURITY UPDATE: fix stack-based overflow in ppm/xpmtoppm.c
    - http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&r1=995&r2=1076&pathrev=1076
    - CVE-2009-4274

Date: Fri, 16 Apr 2010 17:16:08 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/netpbm-free/2:10.0-12ubuntu0.8.10.1
Format: 1.8
Date: Fri, 16 Apr 2010 17:16:08 -0500
Source: netpbm-free
Binary: netpbm libnetpbm10 libnetpbm10-dev libnetpbm9 libnetpbm9-dev
Architecture: source
Version: 2:10.0-12ubuntu0.8.10.1
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 libnetpbm10 - Shared

[ubuntu/intrepid-security] ffmpeg-debian,ffmpeg-debian (delayed) 3:0.svn20080206-12ubuntu3.3 (Accepted)

Ubuntu Installer — 2010-04-26T13:20:56

ffmpeg-debian (3:0.svn20080206-12ubuntu3.3) intrepid-security; urgency=low

  * debian/patches/CVE-2009-46XX/security-issue22.patch: removed this
    patch as it was causing a regression. (LP: #567913)

Date: Fri, 23 Apr 2010 08:13:39 -0400
Changed-By: Marc Deslauriers <marc.deslauriers-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Reinhard Tartler <siretart-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/ffmpeg-debian/3:0.svn20080206-12ubuntu3.3
Format: 1.8
Date: Fri, 23 Apr 2010 08:13:39 -0400
Source: ffmpeg-debian
Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil49 libavcodec51 libavdevice52 libpostproc51 libavformat52 libswscale0 libavutil-dev libavcodec-dev libavdevice-dev libpostproc-dev libavformat-dev libswscale-dev
Architecture: source
Version: 3:0.svn20080206-12ubuntu3.3
Distribution: intrepid-security
Urgency: low
Maintainer: Reinhard Tartler <siretart-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Changed-By: Marc Deslauriers <marc.deslauriers-GeWIH/nMZzLQT0dZ

[ubuntu/intrepid-security] irssi (delayed),irssi 0.8.12-4ubuntu2.3 (Accepted)

Ubuntu Installer — 2010-04-20T17:03:25

irssi (0.8.12-4ubuntu2.3) intrepid-security; urgency=low

  * debian/patches/91_ssl_proxy.patch: when we have a proxy setting, we expect
    the CN to match the proxy hostname, not the server hostname. Patch thanks
    to Steve Langasek. (LP: #565182)

Date: Mon, 19 Apr 2010 13:02:15 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/irssi/0.8.12-4ubuntu2.3
Format: 1.8
Date: Mon, 19 Apr 2010 13:02:15 -0500
Source: irssi
Binary: irssi irssi-dev
Architecture: source
Version: 0.8.12-4ubuntu2.3
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 irssi      - terminal based IRC client
 irssi-dev  - text-mode version of the irssi IRC client development files
Lau

[ubuntu/intrepid-security]kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2_powerpc_translations.tar.gz,kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2_i386_translations.tar.gz, kdebase-workspace,kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2_amd64_translations.tar.gz, kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2_ia64_translations.tar.gz, kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2_sparc_translations.tar.gz(delayed) 4:4.1.4-0ubuntu1~intrepid3.2 (Accepted)

Ubuntu Installer — 2010-04-19T22:05:39

kdebase-workspace (4:4.1.4-0ubuntu1~intrepid3.2) intrepid-security; urgency=low

  * SECURITY UPDATE: KDM Local Privilege Escalation Vulnerability (LP: #562440).
   - Add debian/patches/CVE-2010-0436_fix_kdm_local_exploit.diff
   - kdm/backend/ctrl.c: prevent race condition during user login which could
     allow execution of arbitrary code as root
   - CVE-2010-0436
   - http://www.kde.org/info/security/advisory-20100413-1.txt

Date: Fri, 16 Apr 2010 19:19:37 +0100
Changed-By: Jonathan Riddell <jriddell-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Kubuntu Developers <kubuntu-devel-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/kdebase-workspace/4:4.1.4-0ubuntu1~intrepid3.2
Format: 1.8
Date: Fri, 16 Apr 2010 19:19:37 +0100
Source: kdebase-workspace
Binary: kdebase-workspace kdebase-workspace-bin kdebase-workspace-libs4+5 kdebase-workspace-data kdebase-workspace-wallpapers kdebase-workspace-dev kdm klipper ksysguardd ksysguard kde-window-manager libkdecorations

[ubuntu/intrepid-security] ffmpeg-debian,ffmpeg-debian (delayed) 3:0.svn20080206-12ubuntu3.2 (Accepted)

Ubuntu Installer — 2010-04-19T18:04:17

ffmpeg-debian (3:0.svn20080206-12ubuntu3.2) intrepid-security; urgency=low

  * SECURITY UPDATE: Fix a multitude of security issues
    - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream
      existence before assignment
    - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap
      indexes
    - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook
      value
    - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for
      per-packet mode indexes and per-header mode mapping indexes
    - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook
      index and subclass book index.
    - debian/patches/CVE-2009-46XX/security-issue08.patch: check
      res_setup->books
    - debian/patches/CVE-2009-46XX/security-issue09.patch: check
      begin/end/partition_size
    - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity
      of channels & samplerate
    - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_id

[ubuntu/intrepid-security] irssi (delayed),irssi 0.8.12-4ubuntu2.2 (Accepted)

Ubuntu Installer — 2010-04-15T23:03:36

irssi (0.8.12-4ubuntu2.2) intrepid-security; urgency=low

  * SECURITY UPDATE: perform certificate host validation
    - debian/patches/91_CVE-2010-1155.patch: adjust to verify hostname against
      CN. Also use one SSL_CTX per connection and use default trusted CAs if
      nothing specified.
    - CVE-2010-1155
  * SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on
    the channel
    - debian/patches/91_CVE-2010-1156.patch: verify channel is non-NULL in
      src/core/nicklist.c
    - CVE-2010-1156
  * debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol

Date: Wed, 14 Apr 2010 15:15:07 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/irssi/0.8.12-4ubuntu2.2
Format: 1.8
Date: Wed, 14 Apr 2010 15:15:07 -0500
Source: irssi
Binary: irssi irssi-dev
Architecture: source
Version: 0.8.12-4ubuntu2.2
Dis

[ubuntu/intrepid-security] cmake,cmake (delayed) 2.6.0-4ubuntu2.1 (Accepted)

Ubuntu Installer — 2010-04-15T19:05:41

cmake (2.6.0-4ubuntu2.1) intrepid-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE_2009_3720.patch: xmltok_impl.c to not access beyond
      end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE_2009_3560.patch: update xmlparse.c to properly
      recognize the end of a token
    - CVE-2009-3560

Date: Tue, 13 Apr 2010 20:56:53 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/cmake/2.6.0-4ubuntu2.1
Format: 1.8
Date: Tue, 13 Apr 2010 20:56:53 -0500
Source: cmake
Binary: cmake cmake-gui
Architecture: source
Version: 2.6.0-4ubuntu2.1
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT

[ubuntu/intrepid-security] sudo,sudo (delayed) 1.6.9p17-1ubuntu2.3 (Accepted)

Ubuntu Installer — 2010-04-15T16:04:54

sudo (1.6.9p17-1ubuntu2.3) intrepid-security; urgency=low

  * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit'
    pseudo-command when running from the current working directory and
    secure_path is disabled
    - CVE-2010-XXXX

Date: Wed, 07 Apr 2010 15:49:07 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Martin Pitt <martin.pitt-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/sudo/1.6.9p17-1ubuntu2.3
Format: 1.8
Date: Wed, 07 Apr 2010 15:49:07 -0500
Source: sudo
Binary: sudo sudo-ldap
Architecture: source
Version: 1.6.9p17-1ubuntu2.3
Distribution: intrepid-security
Urgency: low
Maintainer: Martin Pitt <martin.pitt-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 sudo       - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Changes: 
 sud

[ubuntu/intrepid] acroread 9.3.2-intrepid1 (Accepted)

Brian Thomason — 2010-04-14T04:05:25

acroread (9.3.2-intrepid1) intrepid; urgency=low

  * Initial release of 9.3.2 for intrepid

Date: Tue, 13 Apr 2010 23:55:28 -0400
Changed-By: Brian Thomason <brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/acroread/9.3.2-intrepid1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 13 Apr 2010 23:55:28 -0400
Source: acroread
Binary: acroread
Architecture: source
Version: 9.3.2-intrepid1
Distribution: intrepid
Urgency: low
Maintainer: Brian Thomason <brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw< at >public.gmane.org>
Changed-By: Brian Thomason <brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw< at >public.gmane.org>
Description: 
 acroread   - Adobe Reader
Changes: 
 acroread (9.3.2-intrepid1) intrepid; urgency=low
 .
   * Initial release of 9.3.2 for intrepid
Checksums-Sha1: 
 00570999b114ea02497da0650a13d85d2da5f1c2 1207 acroread_9.3.2-intrepid1.dsc
 543c66e73e0742f68c2f170f35f6a99fd41635d9 5572 acroread_9.3.2-intrepid1.diff.gz
Checksums-Sha256: 
 7794fc2a57ecff4b

[ubuntu/intrepid-security]havp_0.89-2ubuntu2~intrepid3_ia64_translations.tar.gz,havp_0.89-2ubuntu2~intrepid3_powerpc_translations.tar.gz,havp_0.89-2ubuntu2~intrepid3_i386_translations.tar.gz, havp,havp_0.89-2ubuntu2~intrepid3_sparc_translations.tar.gz (delayed),havp_0.89-2ubuntu2~intrepid3_lpia_translations.tar.gz,havp_0.89-2ubuntu2~intrepid3_amd64_translations.tar.gz,havp_0.89-2ubuntu2~intrepid3_hppa_translations.tar.gz0.89-2ubuntu2~intrepid3 (Accepted)

Ubuntu Installer — 2010-04-08T21:04:00

havp (0.89-2ubuntu2~intrepid3) intrepid-security; urgency=low

  * No change rebuild against clamav 0.95

havp (0.89-2ubuntu2~intrepid2) intrepid-backports; urgency=low

  * No change rebuild to ensure build is against libclamav6

havp (0.89-2ubuntu2~intrepid1) intrepid-backports; urgency=low

  * Automated backport upload; no source changes.

havp (0.89-2ubuntu2) jaunty; urgency=low

  * updated to build with clamav 0.95
    - debian/patches/10_clamav095_support.dpatch

havp (0.89-2ubuntu1) jaunty; urgency=low

  * Merge from debian unstable (LP: #313755), remaining changes:
    - Under certain circumstances, the init script and/or postrm script
      will fail to umount loop-back devices (LP: #296499). This
      issue has been addressed by performing a lazy umount in these
      two scripts.

havp (0.89-2) unstable; urgency=low

  * Create /var/run/havp if it doesn't exist when running init script so
    that it can be used when /var/run is on tmpfs.
    Closes: #502048: havp: Havp init fails after reboot

[ubuntu/intrepid-security]clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_lpia_translations.tar.gz,clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_hppa_translations.tar.gz,clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_powerpc_translations.tar.gz,clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_ia64_translations.tar.gz,clamav,clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_sparc_translations.tar.gz(delayed),clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_i386_translations.tar.gz,clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3_amd64_translations.tar.gz0.95.3+dfsg-1ubuntu0.09.04~intrepid3 (Accepted)

Ubuntu Installer — 2010-04-08T21:04:15

clamav (0.95.3+dfsg-1ubuntu0.09.04~intrepid3) intrepid-security; urgency=low

  * SECURITY UPDATE: (LP: #553266)
  * References clamav bugs #1771 and #1826
  * libclamav/mspack.c: fix Quantum decompressor (bb#1771)
    - clamav git 224fee54dd6cd8933d7007331ec2bfca0398d4b4
  * libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826)
    - clamav git 31b77b3fb589ab07e7b4d84f8b3825178864ee51
  * patch based on work by Scott Kitterman

Date: Tue, 06 Apr 2010 13:09:52 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/clamav/0.95.3+dfsg-1ubuntu0.09.04~intrepid3
Format: 1.8
Date: Tue, 06 Apr 2010 13:09:52 -0500
Source: clamav
Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter
Architecture: source
Version: 0.95.3+dfsg-1ubuntu0.09.04~intrepid3
Distrib

[ubuntu/intrepid-security] dansguardian (delayed),dansguardian 2.9.9.7-2.1ubuntu1~intrepid3 (Accepted)

Ubuntu Installer — 2010-04-08T21:04:09

dansguardian (2.9.9.7-2.1ubuntu1~intrepid3) intrepid-security; urgency=low

  * No change rebuild against clamav 0.95

dansguardian (2.9.9.7-2.1ubuntu1~intrepid2) intrepid-backports; urgency=low

  * No change rebuild to ensure libclamav6 transition got picked up

dansguardian (2.9.9.7-2.1ubuntu1~intrepid1) intrepid-backports; urgency=low

  * Automated backport upload; no source changes.

dansguardian (2.9.9.7-2.1ubuntu1) karmic; urgency=low

  * Merge from Debian unstable, remaining changes (LP: #372357)
  * Patched to compile with GCC-4.4
    - debian/patches/52_gcc44_build_fix.dpatch (proposed patch from
      Debian #526156)

dansguardian (2.9.9.7-2.1) unstable; urgency=low

  * Non-maintainer upload.
  * Added patch for clamav 0.95/libclamav6 support
    - added debian/patches/50_clamav095_support.dpatch

dansguardian (2.9.9.7-2ubuntu1) jaunty; urgency=low

  * new PPA test build with clamav 0.95
    - debian/patches/50_clamav095_support.dpatch

Date: Tue, 06 Apr 2010 13:28:42 -0500
Changed-By: Jamie S

[ubuntu/intrepid-security]gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_i386_translations.tar.gz,gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_sparc_translations.tar.gz(delayed),gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_lpia_translations.tar.gz,gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_hppa_translations.tar.gz,gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_amd64_translations.tar.gz,gurlchecker,gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_ia64_translations.tar.gz,gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3_powerpc_translations.tar.gz0.10.3svn2009032900-0ubuntu1~intrepid3 (Accepted)

Ubuntu Installer — 2010-04-08T21:04:06

gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid3) intrepid-security; urgency=low

  * No change rebuild against clamav 0.95

gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid2) intrepid-backports; urgency=low

  * No change rebuild to ensure the package is built against libclamav6

gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid1) intrepid-backports; urgency=low

  * Automated backport upload; no source changes.

gurlchecker (0.10.3svn2009032900-0ubuntu1) jaunty; urgency=low

  * Updated to svn head (revision 648) for clamav 0.95 integration
    (LP: #354015)
  * Added build-dep on libltdl7-dev

gurlchecker (0.10.2-2ubuntu1) jaunty; urgency=low

  * Replace Debian inline changes for clamav 0.94 integration with upstream
    fix and update to svn head (revision 647)
    - Fix virus scanning so it works (including detecting the Eicar test
      signatures (LP: #325054)
    - Fix segfault in settings validation (LP: #318309)
    - Fix option management
    - Updated translations and improved documentatio

[ubuntu/intrepid-security]klamav_0.46-2~intrepid3_ia64_translations.tar.gz,klamav_0.46-2~intrepid3_i386_translations.tar.gz,klamav_0.46-2~intrepid3_hppa_translations.tar.gz,klamav_0.46-2~intrepid3_amd64_translations.tar.gz,klamav_0.46-2~intrepid3_sparc_translations.tar.gz (delayed),klamav_0.46-2~intrepid3_powerpc_translations.tar.gz, klamav,klamav_0.46-2~intrepid3_lpia_translations.tar.gz 0.46-2~intrepid3(Accepted)

Ubuntu Installer — 2010-04-08T21:03:56

klamav (0.46-2~intrepid3) intrepid-security; urgency=low

  * No change rebuild against clamav 0.95

klamav (0.46-2~intrepid2) intrepid-backports; urgency=low

  * No change rebuild to ensure the package is built against libclamav6

klamav (0.46-2~intrepid1) intrepid-backports; urgency=low

  * Automated backport upload; no source changes.

klamav (0.46-2) unstable; urgency=low

  * Just build-dep on libltdl3-dev

klamav (0.46-1) unstable; urgency=low

  * New upstream release for clamav 0.95 compatibility
    - Updated debian/copyright
    - Add build-dep on libltdl7-dev | libltdl3-dev
  * Drop 11-ukraine.patch and 12-clamav-0.94_build_fix.diff
    - Incorporated upstream
  * Freshen 09-disable-autoscan.patch
  * Add 11_desktop_directory.diff, move .desktop file to xdg directory
    - Thanks to Jonathan Riddell <jriddell-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org> for the patch
  * Add 12_no_mediaslave.diff, remove obsolete (due to impending KDE4
    transition) Devices section from launcher
  * Update standar

[ubuntu/intrepid-security] python-clamav,python-clamav (delayed) 0.4.1-1ubuntu2~intrepid2 (Accepted)

Ubuntu Installer — 2010-04-08T21:03:50

python-clamav (0.4.1-1ubuntu2~intrepid2) intrepid-security; urgency=low

  * No change rebuild against clamav 0.95

python-clamav (0.4.1-1ubuntu2~intrepid1) intrepid-backports; urgency=low

  * Intrepid backport for clamav 0.95
    - removed --install-layout=deb (intrepid has Python 2.5)

python-clamav (0.4.1-1ubuntu2) jaunty; urgency=low

  * Rebuild against libclamav6

  [ Imre Gergely ]
  * cleaned up some old code for clamav 0.75
  * updated Build-Depend for clamav 0.95
  * modified pyclamav.c source to use the new API functions

python-clamav (0.4.1-1ubuntu1) jaunty; urgency=low

  * Add --install-layout=deb and rebuild for Python 2.6

Date: Tue, 06 Apr 2010 14:17:08 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/python-clamav/0.4.1-1ubuntu2~intrepid2
Format: 1.8
Date: Tue, 06 Apr 2010 14:17:08 -0500
Source: python-clamav
Binary: pytho

[ubuntu/intrepid-security]mediawiki_1.12.0-2ubuntu0.5_amd64_translations.tar.gz,mediawiki_1.12.0-2ubuntu0.5_sparc_translations.tar.gz (delayed),mediawiki_1.12.0-2ubuntu0.5_hppa_translations.tar.gz, mediawiki,mediawiki_1.12.0-2ubuntu0.5_ia64_translations.tar.gz,mediawiki_1.12.0-2ubuntu0.5_i386_translations.tar.gz,mediawiki_1.12.0-2ubuntu0.5_powerpc_translations.tar.gz,mediawiki_1.12.0-2ubuntu0.5_lpia_translations.tar.gz1:1.12.0-2ubuntu0.5 (Accepted)

Ubuntu Installer — 2010-04-08T20:03:54

mediawiki (1:1.12.0-2ubuntu0.5) intrepid-security; urgency=low

  * SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An
    attacker who controls a user account on the target wiki can force the
    victim to login as the attacker, via a script on an external website.
    IMPORTANT: Fix includes a breaking change to the API login action. Any
    clients using it will need to be updated. (LP: #557159)
    - debian/patches/CSRF-no-CVE_rev-64680.patch
    - patch based on upstream SVN rev. 64680
    - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html
    - https://bugzilla.wikimedia.org/show_bug.cgi?id=23076
    - CVE-2010-1150

Date: Wed, 07 Apr 2010 11:56:02 +0200
Changed-By: Andreas Wenning <awen-0QWyXmCDP9M< at >public.gmane.org>
Maintainer: Ubuntu MOTU Developers <ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/mediawiki/1:1.12.0-2ubuntu0.5
Format: 1.8
Date: Wed, 07 Apr 2010 11:56:02 +0200
Source: mediawiki
Binary

[ubuntu/intrepid-security] moin,moin_1.7.1-1ubuntu1.5_i386_translations.tar.gz (delayed)1.7.1-1ubuntu1.5 (Accepted)

Ubuntu Installer — 2010-04-08T16:03:34

moin (1.7.1-1ubuntu1.5) intrepid-security; urgency=low

  * SECURITY UPDATE: fix XSS in Despam action
    - debian/patches/30006_CVE-2010-0828.patch: use wikiutil.escape()
      in revert_pages()
    - CVE-2010-0828
  * SECURITY UPDATE: fix bypass of textcha protection
    - debian/patches/30007_CVE-2010-1238.patch: make sure the question and
      answer form fields are filled in
    - CVE-2010-1238

Date: Tue, 30 Mar 2010 13:53:34 -0500
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/moin/1.7.1-1ubuntu1.5
Format: 1.8
Date: Tue, 30 Mar 2010 13:53:34 -0500
Source: moin
Binary: python-moinmoin
Architecture: source
Version: 1.7.1-1ubuntu1.5
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Jamie Strandboge <jamie-GeWIH/nMZzLQT0dZR+AlfA< at >p

[ubuntu/intrepid-security] openjdk-6,openjdk-6 (delayed) 6b12-0ubuntu6.7 (Accepted)

Ubuntu Installer — 2010-04-07T05:07:00

openjdk-6 (6b12-0ubuntu6.7) intrepid-security; urgency=low

  * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes:
    - 6626217: Loader-constraint table allows arrays instead of only
      the base-classes.
    - 6633872: Policy/PolicyFile leak dynamic ProtectionDomains.
    - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups.
    - 6736390: File TOCTOU deserialization vulnerability.
    - 6745393: Inflater/Deflater clone issues.
    - 6887703: Unsigned applet can retrieve the dragged information before drop
      action occur.
    - 6888149: AtomicReferenceArray causes SIGSEGV -> SEGV_MAPERR error.
    - 6892265: System.arraycopy unable to reference elements beyond
      Integer.MAX_VALUE bytes.
    - 6893947: Deserialization of RMIConnectionImpl objects should enforce
      stricter checks [ZDI-CAN-588].
    - 6893954: Subclasses of InetAddress may incorrectly interpret network
      addresses [ZDI-CAN-603].
    - 6894807: No ClassCastException for HashAttributeSet

[ubuntu/intrepid-security] krb5,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_powerpc_translations.tar.gz,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_amd64_translations.tar.gz,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_ia64_translations.tar.gz,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_sparc_translations.tar.gz (delayed),krb5_1.6.dfsg.4~beta1-3ubuntu0.4_lpia_translations.tar.gz,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_hppa_translations.tar.gz,krb5_1.6.dfsg.4~beta1-3ubuntu0.4_i386_translations.tar.gz1.6.dfsg.4~beta1-3ubuntu0.4 (Accepted)

Ubuntu Installer — 2010-04-07T05:06:41

krb5 (1.6.dfsg.4~beta1-3ubuntu0.4) intrepid-security; urgency=low

  * SECURITY UPDATE: unauthenticated remote KDC service crash.
    - debian/patches/MITKRB5-SA-2010-003 applied inline.

Date: Tue, 06 Apr 2010 18:00:29 -0700
Changed-By: Kees Cook <kees-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/krb5/1.6.dfsg.4~beta1-3ubuntu0.4
Format: 1.8
Date: Tue, 06 Apr 2010 18:00:29 -0700
Source: krb5
Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc
Architecture: source
Version: 1.6.dfsg.4~beta1-3ubuntu0.4
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Kees Cook <kees-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 krb5-admin-server - MIT Kerb

[ubuntu/intrepid-proposed] tzdata 2010h~repack-0ubuntu0.8.10(Accepted)

Martin Pitt — 2010-04-06T08:45:23

tzdata (2010h~repack-0ubuntu0.8.10) intrepid-proposed; urgency=low

  * New upstream release 2010h:
    - Africa/Tunis (Tunesia): Drop DST permanently. (LP: #550157)
    - Asia/Karachi (Pakistan): Drop DST permanently.

Date: Tue, 06 Apr 2010 10:30:29 +0200
Changed-By: Martin Pitt <martin.pitt-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://edge.launchpad.net/ubuntu/intrepid/+source/tzdata/2010h~repack-0ubuntu0.8.10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 06 Apr 2010 10:30:29 +0200
Source: tzdata
Binary: tzdata tzdata-java
Architecture: source
Version: 2010h~repack-0ubuntu0.8.10
Distribution: intrepid-proposed
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Martin Pitt <martin.pitt-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 tzdata     - time zone and daylight-saving time data
 tzdata-java - time

[ubuntu/intrepid-security]libnss-db_2.2.3pre1-3ubuntu1.8.10.2_ia64_translations.tar.gz,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_lpia_translations.tar.gz,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_amd64_translations.tar.gz,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_powerpc_translations.tar.gz,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_hppa_translations.tar.gz,libnss-db,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_i386_translations.tar.gz,libnss-db_2.2.3pre1-3ubuntu1.8.10.2_sparc_translations.tar.gz (delayed)2.2.3pre1-3ubuntu1.8.10.2 (Accepted)

Ubuntu Installer — 2010-03-31T19:03:47

libnss-db (2.2.3pre1-3ubuntu1.8.10.2) intrepid-security; urgency=low

  * SECURITY UPDATE: allows reading of arbitrary file contents (LP: #531976)
    - Add 200-set-db-environment.dpatch: set environment correctly.
    - CVE-2010-0826

Date: Tue, 30 Mar 2010 10:41:17 -0700
Changed-By: Kees Cook <kees-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
https://launchpad.net/ubuntu/intrepid/+source/libnss-db/2.2.3pre1-3ubuntu1.8.10.2
Format: 1.8
Date: Tue, 30 Mar 2010 10:41:17 -0700
Source: libnss-db
Binary: libnss-db
Architecture: source
Version: 2.2.3pre1-3ubuntu1.8.10.2
Distribution: intrepid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg< at >public.gmane.org>
Changed-By: Kees Cook <kees-GeWIH/nMZzLQT0dZR+AlfA< at >public.gmane.org>
Description: 
 libnss-db  - NSS module for using Berkeley Databases as a naming service
Launchpad-Bugs-Fixed: 531976
Changes: 
 libnss-db (2.2.3pr