http://blog.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid hourly 1 1901-01-01T00:00+00:00 http://gmane.org/img/gmane-25t.png http://gmane.org http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9622 <pre>netpbm-free (2:10.0-12ubuntu0.8.10.1) intrepid-security; urgency=low * SECURITY UPDATE: fix stack-based overflow in ppm/xpmtoppm.c - http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&amp;r1=995&amp;r2=1076&amp;pathrev=1076 - CVE-2009-4274 Date: Fri, 16 Apr 2010 17:16:08 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/netpbm-free/2:10.0-12ubuntu0.8.10.1 Format: 1.8 Date: Fri, 16 Apr 2010 17:16:08 -0500 Source: netpbm-free Binary: netpbm libnetpbm10 libnetpbm10-dev libnetpbm9 libnetpbm9-dev Architecture: source Version: 2:10.0-12ubuntu0.8.10.1 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: libnetpbm10 - Shared libraries for netpbm libnetpbm10-dev - Development libraries and header files libnetpbm9 - Shared libraries for netpbm libnetpbm9-dev - Development libraries and header files netpbm - Graphics conversion tools Changes: netpbm-free (2:10.0-12ubuntu0.8.10.1) intrepid-security; urgency=low . * SECURITY UPDATE: fix stack-based overflow in ppm/xpmtoppm.c - http://netpbm.svn.sourceforge.net/viewvc/netpbm/stable/converter/ppm/xpmtoppm.c?view=patch&amp;r1=995&amp;r2=1076&amp;pathrev=1076 - CVE-2009-4274 Checksums-Sha1: f3ab669a0a44e01040f91796cd5e42a2fca3fb97 1282 netpbm-free_10.0-12ubuntu0.8.10.1.dsc fb0332fc2651b707eebf30e2fd9cd19de83de167 51472 netpbm-free_10.0-12ubuntu0.8.10.1.diff.gz Checksums-Sha256: cf51280a6f7e401dfa5a83bcd6ba3c71a1f7f79ad08f95a502de4b583ef2114e 1282 netpbm-free_10.0-12ubuntu0.8.10.1.dsc 100b9e8d76b2a69b1e7bc35819275c128f4fdfa72daf92903e7fcc2eb46a4e13 51472 netpbm-free_10.0-12ubuntu0.8.10.1.diff.gz Files: 26b57136e4cc99aaaa762eb614338a06 1282 graphics optional netpbm-free_10.0-12ubuntu0.8.10.1.dsc fb6fcb332481ccb91907968e499248b7 51472 graphics optional netpbm-free_10.0-12ubuntu0.8.10.1.diff.gz Original-Maintainer: Andreas Barth &lt;aba-1hoGZ/rawHMT4vqYcUCXOw&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-29T22:03:28 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9621 <pre>ffmpeg-debian (3:0.svn20080206-12ubuntu3.3) intrepid-security; urgency=low * debian/patches/CVE-2009-46XX/security-issue22.patch: removed this patch as it was causing a regression. (LP: #567913) Date: Fri, 23 Apr 2010 08:13:39 -0400 Changed-By: Marc Deslauriers &lt;marc.deslauriers-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Reinhard Tartler &lt;siretart-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/ffmpeg-debian/3:0.svn20080206-12ubuntu3.3 Format: 1.8 Date: Fri, 23 Apr 2010 08:13:39 -0400 Source: ffmpeg-debian Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil49 libavcodec51 libavdevice52 libpostproc51 libavformat52 libswscale0 libavutil-dev libavcodec-dev libavdevice-dev libpostproc-dev libavformat-dev libswscale-dev Architecture: source Version: 3:0.svn20080206-12ubuntu3.3 Distribution: intrepid-security Urgency: low Maintainer: Reinhard Tartler &lt;siretart-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Changed-By: Marc Deslauriers &lt;marc.deslauriers-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: ffmpeg - multimedia player, server and encoder ffmpeg-dbg - Debug symbols for ffmpeg related packages ffmpeg-doc - documentation of the ffmpeg API libavcodec-dev - development files for libavcodec libavcodec51 - ffmpeg codec library libavdevice-dev - development files for libavdevice libavdevice52 - ffmpeg device handling library libavformat-dev - development files for libavformat libavformat52 - ffmpeg file format library libavutil-dev - development files for libavutil libavutil49 - ffmpeg utility library libpostproc-dev - development files for libpostproc libpostproc51 - ffmpeg video postprocessing library libswscale-dev - development files for libswscale libswscale0 - ffmpeg video scaling library Launchpad-Bugs-Fixed: 567913 Changes: ffmpeg-debian (3:0.svn20080206-12ubuntu3.3) intrepid-security; urgency=low . * debian/patches/CVE-2009-46XX/security-issue22.patch: removed this patch as it was causing a regression. (LP: #567913) Checksums-Sha1: c076ceec46de695e3113a43f162dc0d47276d055 1943 ffmpeg-debian_0.svn20080206-12ubuntu3.3.dsc 86d7676e2da4365cfb3d430ec966ecd730bf9147 41518 ffmpeg-debian_0.svn20080206-12ubuntu3.3.diff.gz Checksums-Sha256: bf1ddced562c4e71413021315377e94e51bee95071626308cf38f2123844558f 1943 ffmpeg-debian_0.svn20080206-12ubuntu3.3.dsc 020cd594084ecbaa466a69fd3ede767b60703704ad01890cd8cd870c2a6584f2 41518 ffmpeg-debian_0.svn20080206-12ubuntu3.3.diff.gz Files: 1934a45721168192b8420b73d97c3b1c 1943 libs optional ffmpeg-debian_0.svn20080206-12ubuntu3.3.dsc 4dd77493a0421df9561cafb022423cb8 41518 libs optional ffmpeg-debian_0.svn20080206-12ubuntu3.3.diff.gz </pre> Ubuntu Installer 2010-04-26T13:20:56 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9620 <pre>irssi (0.8.12-4ubuntu2.3) intrepid-security; urgency=low * debian/patches/91_ssl_proxy.patch: when we have a proxy setting, we expect the CN to match the proxy hostname, not the server hostname. Patch thanks to Steve Langasek. (LP: #565182) Date: Mon, 19 Apr 2010 13:02:15 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/irssi/0.8.12-4ubuntu2.3 Format: 1.8 Date: Mon, 19 Apr 2010 13:02:15 -0500 Source: irssi Binary: irssi irssi-dev Architecture: source Version: 0.8.12-4ubuntu2.3 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: irssi - terminal based IRC client irssi-dev - text-mode version of the irssi IRC client development files Launchpad-Bugs-Fixed: 565182 Changes: irssi (0.8.12-4ubuntu2.3) intrepid-security; urgency=low . * debian/patches/91_ssl_proxy.patch: when we have a proxy setting, we expect the CN to match the proxy hostname, not the server hostname. Patch thanks to Steve Langasek. (LP: #565182) Checksums-Sha1: a2b2a83c336a41093d2b3e15bf9b06856feb52d2 1391 irssi_0.8.12-4ubuntu2.3.dsc 3cc338e2ff9777dede6810f03a8be54952fa39c1 23388 irssi_0.8.12-4ubuntu2.3.diff.gz Checksums-Sha256: f8129a80d52476fdea3315702f62f82f7346204cc0f84f10d6c9e71c2920ddb4 1391 irssi_0.8.12-4ubuntu2.3.dsc e9cf6740764f32f1c71338b43782b065adceee875a94cfb564f94c4709e3d8c9 23388 irssi_0.8.12-4ubuntu2.3.diff.gz Files: 61a02c1b1ddcca3136ced650945396a8 1391 net optional irssi_0.8.12-4ubuntu2.3.dsc d6438c5ab92e4e5bc906015d7d2df88c 23388 net optional irssi_0.8.12-4ubuntu2.3.diff.gz Original-Maintainer: David Pashley &lt;david-JNL0DRyBbJbhYl3rl1t9zQ&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-20T17:03:25 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9619 <pre>kdebase-workspace (4:4.1.4-0ubuntu1~intrepid3.2) intrepid-security; urgency=low * SECURITY UPDATE: KDM Local Privilege Escalation Vulnerability (LP: #562440). - Add debian/patches/CVE-2010-0436_fix_kdm_local_exploit.diff - kdm/backend/ctrl.c: prevent race condition during user login which could allow execution of arbitrary code as root - CVE-2010-0436 - http://www.kde.org/info/security/advisory-20100413-1.txt Date: Fri, 16 Apr 2010 19:19:37 +0100 Changed-By: Jonathan Riddell &lt;jriddell-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Kubuntu Developers &lt;kubuntu-devel-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/kdebase-workspace/4:4.1.4-0ubuntu1~intrepid3.2 Format: 1.8 Date: Fri, 16 Apr 2010 19:19:37 +0100 Source: kdebase-workspace Binary: kdebase-workspace kdebase-workspace-bin kdebase-workspace-libs4+5 kdebase-workspace-data kdebase-workspace-wallpapers kdebase-workspace-dev kdm klipper ksysguardd ksysguard kde-window-manager libkdecorations4 libkwineffects1 systemsettings kdebase-workspace-dbg libplasma2 libplasma-dev kwin python-plasma python-plasma-examples Architecture: source Version: 4:4.1.4-0ubuntu1~intrepid3.2 Distribution: intrepid-security Urgency: low Maintainer: Kubuntu Developers &lt;kubuntu-devel-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jonathan Riddell &lt;jriddell-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: kde-window-manager - the KDE 4 window manager (KWin) kdebase-workspace - base workspace components from the official KDE 4 release kdebase-workspace-bin - core binaries for the KDE 4 base workspace module kdebase-workspace-data - shared data files for the KDE 4 base workspace module kdebase-workspace-dbg - debugging symbols for the KDE 4 base workspace module kdebase-workspace-dev - development files for the KDE 4 base workspace module kdebase-workspace-libs4+5 - libraries provided by the KDE 4 base workspace module kdebase-workspace-wallpapers - extra wallpapers from the KDE 4 base module kdm - KDE Display Manager for X11 klipper - clipboard utility for KDE 4 ksysguard - System Guard for KDE 4 ksysguardd - System Guard Daemon for KDE 4 kwin - the KDE 4 window manager (KWin) libkdecorations4 - library used by decorations for the KDE 4 window manager libkwineffects1 - library used by effects for the KDE 4 window manager libplasma-dev - development files for the KDE 4 Plasma desktop libplasma2 - library for the KDE 4 Plasma desktop python-plasma - python support libraries for plasma applets python-plasma-examples - python plasma applet and engine examples systemsettings - KDE 4 System Settings Launchpad-Bugs-Fixed: 562440 Changes: kdebase-workspace (4:4.1.4-0ubuntu1~intrepid3.2) intrepid-security; urgency=low . * SECURITY UPDATE: KDM Local Privilege Escalation Vulnerability (LP: #562440). - Add debian/patches/CVE-2010-0436_fix_kdm_local_exploit.diff - kdm/backend/ctrl.c: prevent race condition during user login which could allow execution of arbitrary code as root - CVE-2010-0436 - http://www.kde.org/info/security/advisory-20100413-1.txt Checksums-Sha1: 27a6ae63a5f4d91f0c205e5d5dcb4df0fbf13138 2698 kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.dsc f28922cce4f2590a748d1c7b6eb13b8cc42663d0 194094 kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.diff.gz Checksums-Sha256: c9e5bd1ca12cb181fd46a9df8cb58308101c5b6cadad07d5471e747dba2e54c8 2698 kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.dsc 6d190bcf912bf8e62cb42eb327dce7486e65d8121c267f755b0d398f34930d82 194094 kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.diff.gz Files: 0ea75e5eca25913f91d724233a065a04 2698 kde optional kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.dsc b7ab3adcb154f57edf7a51081d144b39 194094 kde optional kdebase-workspace_4.1.4-0ubuntu1~intrepid3.2.diff.gz Original-Maintainer: Debian Qt/KDE Maintainers &lt;debian-qt-kde-0aAXYlwwYIKrKVvWRXNRGw&lt; at &gt;public.gmane.orgorg&gt; </pre> Ubuntu Installer 2010-04-19T22:05:39 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9618 <pre>ffmpeg-debian (3:0.svn20080206-12ubuntu3.2) intrepid-security; urgency=low * SECURITY UPDATE: Fix a multitude of security issues - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream existence before assignment - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap indexes - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook value - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for per-packet mode indexes and per-header mode mapping indexes - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook index and subclass book index. - debian/patches/CVE-2009-46XX/security-issue08.patch: check res_setup-&gt;books - debian/patches/CVE-2009-46XX/security-issue09.patch: check begin/end/partition_size - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity of channels &amp; samplerate - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx check - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks for magnitude and angle - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -&gt; == typo - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions against 0 too - debian/patches/CVE-2009-46XX/security-issue15.patch: fix init_get_bits() buffer size - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that all memory allocations succeed - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible buffer over-read in vorbis_comment - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to 0 to avoid having it uninitialized - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing for ogg streams where no ogg header was found - debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id and codec_type, make sure priv_data is freed and codec is set to NULL - CVE-2009-4632 - CVE-2009-4633 - CVE-2009-4634 - CVE-2009-4635 - CVE-2009-4637 - CVE-2009-4639 - CVE-2009-4640 Date: Thu, 08 Apr 2010 09:13:16 -0400 Changed-By: Marc Deslauriers &lt;marc.deslauriers-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Reinhard Tartler &lt;siretart-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/ffmpeg-debian/3:0.svn20080206-12ubuntu3.2 Format: 1.8 Date: Thu, 08 Apr 2010 09:13:16 -0400 Source: ffmpeg-debian Binary: ffmpeg ffmpeg-dbg ffmpeg-doc libavutil49 libavcodec51 libavdevice52 libpostproc51 libavformat52 libswscale0 libavutil-dev libavcodec-dev libavdevice-dev libpostproc-dev libavformat-dev libswscale-dev Architecture: source Version: 3:0.svn20080206-12ubuntu3.2 Distribution: intrepid-security Urgency: low Maintainer: Reinhard Tartler &lt;siretart-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Changed-By: Marc Deslauriers &lt;marc.deslauriers-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: ffmpeg - multimedia player, server and encoder ffmpeg-dbg - Debug symbols for ffmpeg related packages ffmpeg-doc - documentation of the ffmpeg API libavcodec-dev - development files for libavcodec libavcodec51 - ffmpeg codec library libavdevice-dev - development files for libavdevice libavdevice52 - ffmpeg device handling library libavformat-dev - development files for libavformat libavformat52 - ffmpeg file format library libavutil-dev - development files for libavutil libavutil49 - ffmpeg utility library libpostproc-dev - development files for libpostproc libpostproc51 - ffmpeg video postprocessing library libswscale-dev - development files for libswscale libswscale0 - ffmpeg video scaling library Changes: ffmpeg-debian (3:0.svn20080206-12ubuntu3.2) intrepid-security; urgency=low . * SECURITY UPDATE: Fix a multitude of security issues - debian/patches/CVE-2009-46XX/security-issue03.patch: check stream existence before assignment - debian/patches/CVE-2009-46XX/security-issue04.patch: check submap indexes - debian/patches/CVE-2009-46XX/security-issue05.patch: check classbook value - debian/patches/CVE-2009-46XX/security-issue06.patch: add checks for per-packet mode indexes and per-header mode mapping indexes - debian/patches/CVE-2009-46XX/security-issue07.patch: check masterbook index and subclass book index. - debian/patches/CVE-2009-46XX/security-issue08.patch: check res_setup-&gt;books - debian/patches/CVE-2009-46XX/security-issue09.patch: check begin/end/partition_size - debian/patches/CVE-2009-46XX/security-issue10.patch: check validity of channels &amp; samplerate - debian/patches/CVE-2009-46XX/security-issue11.patch: fix book_idx check - debian/patches/CVE-2009-46XX/security-issue12.patch: sanity checks for magnitude and angle - debian/patches/CVE-2009-46XX/security-issue13.patch: fix = -&gt; == typo - debian/patches/CVE-2009-46XX/security-issue14.patch: check dimensions against 0 too - debian/patches/CVE-2009-46XX/security-issue15.patch: fix init_get_bits() buffer size - debian/patches/CVE-2009-46XX/security-issue17.patch: make sure that all memory allocations succeed - debian/patches/CVE-2009-46XX/security-issue18.patch: fix possible buffer over-read in vorbis_comment - debian/patches/CVE-2009-46XX/security-issue19.patch: set data_size to 0 to avoid having it uninitialized - debian/patches/CVE-2009-46XX/security-issue20.patch: disable parsing for ogg streams where no ogg header was found - debian/patches/CVE-2009-46XX/security-issue22.patch: check codec_id and codec_type, make sure priv_data is freed and codec is set to NULL - CVE-2009-4632 - CVE-2009-4633 - CVE-2009-4634 - CVE-2009-4635 - CVE-2009-4637 - CVE-2009-4639 - CVE-2009-4640 Checksums-Sha1: cb989c9c1ecdd1ef266a0d293d7bf8c1bc3509c5 1943 ffmpeg-debian_0.svn20080206-12ubuntu3.2.dsc 2604ef78bf151fdf0c80d3e52bfd493bbf246df0 41910 ffmpeg-debian_0.svn20080206-12ubuntu3.2.diff.gz Checksums-Sha256: 9eb4a29bfd11e9b931643b35d08e188927f645b585fa098015614e6f86508808 1943 ffmpeg-debian_0.svn20080206-12ubuntu3.2.dsc 1ba1d4b9fedec3435074b5468acdab6766278fb56567cb378b267a9f215bf22f 41910 ffmpeg-debian_0.svn20080206-12ubuntu3.2.diff.gz Files: 752021eeead9a8f85985372e8c288c26 1943 libs optional ffmpeg-debian_0.svn20080206-12ubuntu3.2.dsc 5247e89dd7791662fb1b7206fa47a768 41910 libs optional ffmpeg-debian_0.svn20080206-12ubuntu3.2.diff.gz </pre> Ubuntu Installer 2010-04-19T18:04:17 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9617 <pre>irssi (0.8.12-4ubuntu2.2) intrepid-security; urgency=low * SECURITY UPDATE: perform certificate host validation - debian/patches/91_CVE-2010-1155.patch: adjust to verify hostname against CN. Also use one SSL_CTX per connection and use default trusted CAs if nothing specified. - CVE-2010-1155 * SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on the channel - debian/patches/91_CVE-2010-1156.patch: verify channel is non-NULL in src/core/nicklist.c - CVE-2010-1156 * debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol Date: Wed, 14 Apr 2010 15:15:07 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/irssi/0.8.12-4ubuntu2.2 Format: 1.8 Date: Wed, 14 Apr 2010 15:15:07 -0500 Source: irssi Binary: irssi irssi-dev Architecture: source Version: 0.8.12-4ubuntu2.2 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: irssi - terminal based IRC client irssi-dev - text-mode version of the irssi IRC client development files Changes: irssi (0.8.12-4ubuntu2.2) intrepid-security; urgency=low . * SECURITY UPDATE: perform certificate host validation - debian/patches/91_CVE-2010-1155.patch: adjust to verify hostname against CN. Also use one SSL_CTX per connection and use default trusted CAs if nothing specified. - CVE-2010-1155 * SECURITY UPDATE: fix crash when checking for fuzzy nick match when not on the channel - debian/patches/91_CVE-2010-1156.patch: verify channel is non-NULL in src/core/nicklist.c - CVE-2010-1156 * debian/patches/92_disable_sslv2.patch: do not use SSLv2 protocol Checksums-Sha1: 19b7879bf63edd0edc42bbdd35a5612ca549b127 1391 irssi_0.8.12-4ubuntu2.2.dsc 9d70e3e58556939d69245ca22f85f838d7e06760 22949 irssi_0.8.12-4ubuntu2.2.diff.gz Checksums-Sha256: 82e9b47ea27c0bc333cad5af9e00fbed712feee86a549f14e7598d6a8e1a5f32 1391 irssi_0.8.12-4ubuntu2.2.dsc 45dc995996112cb45e451aaa6e663f6fc6a209b8d50bd348211402b130648440 22949 irssi_0.8.12-4ubuntu2.2.diff.gz Files: c447723cf0848e4494b966a88a07ed6d 1391 net optional irssi_0.8.12-4ubuntu2.2.dsc 05b1027b8cbc7893794a86a1ce3c9477 22949 net optional irssi_0.8.12-4ubuntu2.2.diff.gz Original-Maintainer: David Pashley &lt;david-JNL0DRyBbJbhYl3rl1t9zQ&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-15T23:03:36 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9616 <pre>cmake (2.6.0-4ubuntu2.1) intrepid-security; urgency=low * SECURITY UPDATE: fix DoS via malformed XML - debian/patches/CVE_2009_3720.patch: xmltok_impl.c to not access beyond end of input string - CVE-2009-3720 * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences - debian/patches/CVE_2009_3560.patch: update xmlparse.c to properly recognize the end of a token - CVE-2009-3560 Date: Tue, 13 Apr 2010 20:56:53 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/cmake/2.6.0-4ubuntu2.1 Format: 1.8 Date: Tue, 13 Apr 2010 20:56:53 -0500 Source: cmake Binary: cmake cmake-gui Architecture: source Version: 2.6.0-4ubuntu2.1 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: cmake - A cross-platform, open-source make system cmake-gui - GUI for cmake cross-platform make system Changes: cmake (2.6.0-4ubuntu2.1) intrepid-security; urgency=low . * SECURITY UPDATE: fix DoS via malformed XML - debian/patches/CVE_2009_3720.patch: xmltok_impl.c to not access beyond end of input string - CVE-2009-3720 * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences - debian/patches/CVE_2009_3560.patch: update xmlparse.c to properly recognize the end of a token - CVE-2009-3560 Checksums-Sha1: 9cfefc4e71f80d1150e34b99f0a452c6bd3ae5fc 1209 cmake_2.6.0-4ubuntu2.1.dsc ab2499198936001dc0baf2a496e3818c923e687a 154440 cmake_2.6.0-4ubuntu2.1.diff.gz Checksums-Sha256: 3ab146212521c7429c1b8c55df24761f9458a65944a3a96c79ae1e7cf7123bb3 1209 cmake_2.6.0-4ubuntu2.1.dsc 4542f53db225cd26e89da84ffe5622e94eaedd65f259eabbbabbbc9c471f3109 154440 cmake_2.6.0-4ubuntu2.1.diff.gz Files: a588561c8c0c8b452502684165f10cb4 1209 devel optional cmake_2.6.0-4ubuntu2.1.dsc 0ecd99b1f92f8074a00b35f724285c60 154440 devel optional cmake_2.6.0-4ubuntu2.1.diff.gz Original-Maintainer: A. Maitland Bottoms &lt;bottoms-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-15T19:05:41 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9615 <pre>sudo (1.6.9p17-1ubuntu2.3) intrepid-security; urgency=low * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit' pseudo-command when running from the current working directory and secure_path is disabled - CVE-2010-XXXX Date: Wed, 07 Apr 2010 15:49:07 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Martin Pitt &lt;martin.pitt-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/sudo/1.6.9p17-1ubuntu2.3 Format: 1.8 Date: Wed, 07 Apr 2010 15:49:07 -0500 Source: sudo Binary: sudo sudo-ldap Architecture: source Version: 1.6.9p17-1ubuntu2.3 Distribution: intrepid-security Urgency: low Maintainer: Martin Pitt &lt;martin.pitt-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: sudo - Provide limited super user privileges to specific users sudo-ldap - Provide limited super user privileges to specific users Changes: sudo (1.6.9p17-1ubuntu2.3) intrepid-security; urgency=low . * SECURITY UPDATE: properly verify path in find_path.c for the 'sudoedit' pseudo-command when running from the current working directory and secure_path is disabled - CVE-2010-XXXX Checksums-Sha1: 92989c05da985e6166c3b773d8a07535fb4d5586 1098 sudo_1.6.9p17-1ubuntu2.3.dsc 919e6bef371b10fca59cfc4f34b3a0391017da8e 26703 sudo_1.6.9p17-1ubuntu2.3.diff.gz Checksums-Sha256: 2430024c758c49e81c0624ba38a267ad44c947ddbf55a265655c4d266fb7b910 1098 sudo_1.6.9p17-1ubuntu2.3.dsc 105085a2b0db9d765b1dab61c396fff64c4f9ca3d3c552a5588708518dd0f31c 26703 sudo_1.6.9p17-1ubuntu2.3.diff.gz Files: 92f13b0ab92f0288622c34089570390c 1098 admin optional sudo_1.6.9p17-1ubuntu2.3.dsc 53450aae72fd4ff5ef1b67bdb7aa0810 26703 admin optional sudo_1.6.9p17-1ubuntu2.3.diff.gz Original-Maintainer: Bdale Garbee &lt;bdale-wvU4uTqWWAI&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-15T16:04:54 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9614 <pre>acroread (9.3.2-intrepid1) intrepid; urgency=low * Initial release of 9.3.2 for intrepid Date: Tue, 13 Apr 2010 23:55:28 -0400 Changed-By: Brian Thomason &lt;brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/acroread/9.3.2-intrepid1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 13 Apr 2010 23:55:28 -0400 Source: acroread Binary: acroread Architecture: source Version: 9.3.2-intrepid1 Distribution: intrepid Urgency: low Maintainer: Brian Thomason &lt;brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw&lt; at &gt;public.gmane.org&gt; Changed-By: Brian Thomason &lt;brian.thomason-Z7WLFzj8eWMS+FvcfC7Uqw&lt; at &gt;public.gmane.org&gt; Description: acroread - Adobe Reader Changes: acroread (9.3.2-intrepid1) intrepid; urgency=low . * Initial release of 9.3.2 for intrepid Checksums-Sha1: 00570999b114ea02497da0650a13d85d2da5f1c2 1207 acroread_9.3.2-intrepid1.dsc 543c66e73e0742f68c2f170f35f6a99fd41635d9 5572 acroread_9.3.2-intrepid1.diff.gz Checksums-Sha256: 7794fc2a57ecff4b6b75a104d20edf4f3d8a3abf87974318c1fc6cc9b7e45ee4 1207 acroread_9.3.2-intrepid1.dsc 51b3deb7a1fb2f32903b0840ad2548fc0b930b02b3c60c3ef34a2238b06de3dc 5572 acroread_9.3.2-intrepid1.diff.gz Files: 1c256e938d921985c322c162cb093aa0 1207 partner/text extra acroread_9.3.2-intrepid1.dsc 82abe16aedc79e3a753912846dcdc73c 5572 partner/text extra acroread_9.3.2-intrepid1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkvFPcQACgkQOb4zNfJqN5cDbgCfX79URdSpL9ba5ly+WHeudZ/5 Ny4An36MeqGi/uuVrs6lQoFiBRWBtKDf =eWlE -----END PGP SIGNATURE----- </pre> Brian Thomason 2010-04-14T04:05:25 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9613 <pre>havp (0.89-2ubuntu2~intrepid3) intrepid-security; urgency=low * No change rebuild against clamav 0.95 havp (0.89-2ubuntu2~intrepid2) intrepid-backports; urgency=low * No change rebuild to ensure build is against libclamav6 havp (0.89-2ubuntu2~intrepid1) intrepid-backports; urgency=low * Automated backport upload; no source changes. havp (0.89-2ubuntu2) jaunty; urgency=low * updated to build with clamav 0.95 - debian/patches/10_clamav095_support.dpatch havp (0.89-2ubuntu1) jaunty; urgency=low * Merge from debian unstable (LP: #313755), remaining changes: - Under certain circumstances, the init script and/or postrm script will fail to umount loop-back devices (LP: #296499). This issue has been addressed by performing a lazy umount in these two scripts. havp (0.89-2) unstable; urgency=low * Create /var/run/havp if it doesn't exist when running init script so that it can be used when /var/run is on tmpfs. Closes: #502048: havp: Havp init fails after reboot if /var/run is tempfs havp (0.89-1ubuntu2) jaunty; urgency=low * Under certain circumstances, the init script and/or postrm script will fail to umount loop-back devices (LP: #296499). This issue has been addressed by performing a lazy umount in these two scripts. Date: Tue, 06 Apr 2010 13:57:21 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/havp/0.89-2ubuntu2~intrepid3 Format: 1.8 Date: Tue, 06 Apr 2010 13:57:21 -0500 Source: havp Binary: havp Architecture: source Version: 0.89-2ubuntu2~intrepid3 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: havp - HTTP Anti Virus Proxy Closes: 502048 Launchpad-Bugs-Fixed: 296499 296499 313755 Changes: havp (0.89-2ubuntu2~intrepid3) intrepid-security; urgency=low . * No change rebuild against clamav 0.95 . havp (0.89-2ubuntu2~intrepid2) intrepid-backports; urgency=low . * No change rebuild to ensure build is against libclamav6 . havp (0.89-2ubuntu2~intrepid1) intrepid-backports; urgency=low . * Automated backport upload; no source changes. . havp (0.89-2ubuntu2) jaunty; urgency=low . * updated to build with clamav 0.95 - debian/patches/10_clamav095_support.dpatch . havp (0.89-2ubuntu1) jaunty; urgency=low . * Merge from debian unstable (LP: #313755), remaining changes: - Under certain circumstances, the init script and/or postrm script will fail to umount loop-back devices (LP: #296499). This issue has been addressed by performing a lazy umount in these two scripts. . havp (0.89-2) unstable; urgency=low . * Create /var/run/havp if it doesn't exist when running init script so that it can be used when /var/run is on tmpfs. Closes: #502048: havp: Havp init fails after reboot if /var/run is tempfs . havp (0.89-1ubuntu2) jaunty; urgency=low . * Under certain circumstances, the init script and/or postrm script will fail to umount loop-back devices (LP: #296499). This issue has been addressed by performing a lazy umount in these two scripts. Checksums-Sha1: 673e1269a0ba3dc25226724b49075c1e0361eaba 1152 havp_0.89-2ubuntu2~intrepid3.dsc 5749fbf12875846e2610593cf1f17955d14d8c94 26089 havp_0.89-2ubuntu2~intrepid3.diff.gz Checksums-Sha256: bd98ec52fdb61dbbd0f0baf4f4e839dbf85b17d2d89d4911e438eb8728f9629e 1152 havp_0.89-2ubuntu2~intrepid3.dsc becefd62b68d78cedf13116365d18ee29a6086e0e2bf189dbe6b07ee291f504e 26089 havp_0.89-2ubuntu2~intrepid3.diff.gz Files: 7eb6b10ff1265bc1498b86ecc7436974 1152 net optional havp_0.89-2ubuntu2~intrepid3.dsc 82d4acfef0fa85cdd5712773e6b1c3db 26089 net optional havp_0.89-2ubuntu2~intrepid3.diff.gz Original-Maintainer: Rene Mayrhofer &lt;rene.mayrhofer-xxJj0ogZBuJ4Lj/PQRBjDg&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T21:04:00 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9612 <pre>clamav (0.95.3+dfsg-1ubuntu0.09.04~intrepid3) intrepid-security; urgency=low * SECURITY UPDATE: (LP: #553266) * References clamav bugs #1771 and #1826 * libclamav/mspack.c: fix Quantum decompressor (bb#1771) - clamav git 224fee54dd6cd8933d7007331ec2bfca0398d4b4 * libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826) - clamav git 31b77b3fb589ab07e7b4d84f8b3825178864ee51 * patch based on work by Scott Kitterman Date: Tue, 06 Apr 2010 13:09:52 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/clamav/0.95.3+dfsg-1ubuntu0.09.04~intrepid3 Format: 1.8 Date: Tue, 06 Apr 2010 13:09:52 -0500 Source: clamav Binary: clamav-base clamav-docs clamav-dbg clamav libclamav-dev libclamav6 clamav-daemon clamav-testfiles clamav-freshclam clamav-milter Architecture: source Version: 0.95.3+dfsg-1ubuntu0.09.04~intrepid3 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: clamav - anti-virus utility for Unix - command-line interface clamav-base - anti-virus utility for Unix - base package clamav-daemon - anti-virus utility for Unix - scanner daemon clamav-dbg - debug symbols for ClamAV clamav-docs - anti-virus utility for Unix - documentation clamav-freshclam - anti-virus utility for Unix - virus database update utility clamav-milter - anti-virus utility for Unix - sendmail integration clamav-testfiles - anti-virus utility for Unix - test files libclamav-dev - anti-virus utility for Unix - development files libclamav6 - anti-virus utility for Unix - library Launchpad-Bugs-Fixed: 553266 Changes: clamav (0.95.3+dfsg-1ubuntu0.09.04~intrepid3) intrepid-security; urgency=low . * SECURITY UPDATE: (LP: #553266) * References clamav bugs #1771 and #1826 * libclamav/mspack.c: fix Quantum decompressor (bb#1771) - clamav git 224fee54dd6cd8933d7007331ec2bfca0398d4b4 * libclamav/mspack.c: improve unpacking of malformed cabinets (bb#1826) - clamav git 31b77b3fb589ab07e7b4d84f8b3825178864ee51 * patch based on work by Scott Kitterman Checksums-Sha1: 8b35097cd288330db9cfa5ada142ce4467822d0c 1576 clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.dsc b1c535378f1f4b936b6d1d621e3de757d47cba8b 265323 clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.diff.gz Checksums-Sha256: cb846fdc2b12c5a7af804f44f60eae4a9bf59d069124f04ba687c116c1b8df63 1576 clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.dsc 14799fc5a4f3594c802508a1cec9a14c60c4c46ba35b23f85f5ac3d5c8c10eca 265323 clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.diff.gz Files: fa943d778fae6cd3cbe4c0aa210fabb2 1576 utils optional clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.dsc 757c04fba1c77865dbbc5b9e295e3747 265323 utils optional clamav_0.95.3+dfsg-1ubuntu0.09.04~intrepid3.diff.gz Original-Maintainer: ClamAV Team &lt;pkg-clamav-devel-XbBxUvOt3X2LieD7tvxI8l/i77bcL1HB&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T21:04:15 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9611 <pre>dansguardian (2.9.9.7-2.1ubuntu1~intrepid3) intrepid-security; urgency=low * No change rebuild against clamav 0.95 dansguardian (2.9.9.7-2.1ubuntu1~intrepid2) intrepid-backports; urgency=low * No change rebuild to ensure libclamav6 transition got picked up dansguardian (2.9.9.7-2.1ubuntu1~intrepid1) intrepid-backports; urgency=low * Automated backport upload; no source changes. dansguardian (2.9.9.7-2.1ubuntu1) karmic; urgency=low * Merge from Debian unstable, remaining changes (LP: #372357) * Patched to compile with GCC-4.4 - debian/patches/52_gcc44_build_fix.dpatch (proposed patch from Debian #526156) dansguardian (2.9.9.7-2.1) unstable; urgency=low * Non-maintainer upload. * Added patch for clamav 0.95/libclamav6 support - added debian/patches/50_clamav095_support.dpatch dansguardian (2.9.9.7-2ubuntu1) jaunty; urgency=low * new PPA test build with clamav 0.95 - debian/patches/50_clamav095_support.dpatch Date: Tue, 06 Apr 2010 13:28:42 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/dansguardian/2.9.9.7-2.1ubuntu1~intrepid3 Format: 1.8 Date: Tue, 06 Apr 2010 13:28:42 -0500 Source: dansguardian Binary: dansguardian Architecture: source Version: 2.9.9.7-2.1ubuntu1~intrepid3 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: dansguardian - Web content filtering Launchpad-Bugs-Fixed: 372357 Changes: dansguardian (2.9.9.7-2.1ubuntu1~intrepid3) intrepid-security; urgency=low . * No change rebuild against clamav 0.95 . dansguardian (2.9.9.7-2.1ubuntu1~intrepid2) intrepid-backports; urgency=low . * No change rebuild to ensure libclamav6 transition got picked up . dansguardian (2.9.9.7-2.1ubuntu1~intrepid1) intrepid-backports; urgency=low . * Automated backport upload; no source changes. . dansguardian (2.9.9.7-2.1ubuntu1) karmic; urgency=low . * Merge from Debian unstable, remaining changes (LP: #372357) * Patched to compile with GCC-4.4 - debian/patches/52_gcc44_build_fix.dpatch (proposed patch from Debian #526156) . dansguardian (2.9.9.7-2.1) unstable; urgency=low . * Non-maintainer upload. * Added patch for clamav 0.95/libclamav6 support - added debian/patches/50_clamav095_support.dpatch . dansguardian (2.9.9.7-2ubuntu1) jaunty; urgency=low . * new PPA test build with clamav 0.95 - debian/patches/50_clamav095_support.dpatch Checksums-Sha1: 00840ffd3f041a5e64a1073e1a8987735e361d2b 1227 dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.dsc f23253a801dd54c2ed11e48d82bc113d7e0f8846 53063 dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.diff.gz Checksums-Sha256: 0acc95ef4319ef4f0b6421afcb0cb921d485add9daddc3413ad1ac9568bc822e 1227 dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.dsc 84d44085fb645b660d619a37041a4578a4a5e3bd07c578f3b291db3dea53cb8f 53063 dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.diff.gz Files: eb0186cd5826c0bd1f0ed662f9d05e2e 1227 web optional dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.dsc 1c1ae74a39fdfb512839edc1b725d90d 53063 web optional dansguardian_2.9.9.7-2.1ubuntu1~intrepid3.diff.gz Original-Maintainer: Alexander Wirt &lt;formorer-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T21:04:09 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9610 <pre>gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid3) intrepid-security; urgency=low * No change rebuild against clamav 0.95 gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid2) intrepid-backports; urgency=low * No change rebuild to ensure the package is built against libclamav6 gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid1) intrepid-backports; urgency=low * Automated backport upload; no source changes. gurlchecker (0.10.3svn2009032900-0ubuntu1) jaunty; urgency=low * Updated to svn head (revision 648) for clamav 0.95 integration (LP: #354015) * Added build-dep on libltdl7-dev gurlchecker (0.10.2-2ubuntu1) jaunty; urgency=low * Replace Debian inline changes for clamav 0.94 integration with upstream fix and update to svn head (revision 647) - Fix virus scanning so it works (including detecting the Eicar test signatures (LP: #325054) - Fix segfault in settings validation (LP: #318309) - Fix option management - Updated translations and improved documentation Date: Tue, 06 Apr 2010 13:55:03 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/gurlchecker/0.10.3svn2009032900-0ubuntu1~intrepid3 Format: 1.8 Date: Tue, 06 Apr 2010 13:55:03 -0500 Source: gurlchecker Binary: gurlchecker Architecture: source Version: 0.10.3svn2009032900-0ubuntu1~intrepid3 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: gurlchecker - Graphical websites checker Launchpad-Bugs-Fixed: 318309 325054 354015 Changes: gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid3) intrepid-security; urgency=low . * No change rebuild against clamav 0.95 . gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid2) intrepid-backports; urgency=low . * No change rebuild to ensure the package is built against libclamav6 . gurlchecker (0.10.3svn2009032900-0ubuntu1~intrepid1) intrepid-backports; urgency=low . * Automated backport upload; no source changes. . gurlchecker (0.10.3svn2009032900-0ubuntu1) jaunty; urgency=low . * Updated to svn head (revision 648) for clamav 0.95 integration (LP: #354015) * Added build-dep on libltdl7-dev . gurlchecker (0.10.2-2ubuntu1) jaunty; urgency=low . * Replace Debian inline changes for clamav 0.94 integration with upstream fix and update to svn head (revision 647) - Fix virus scanning so it works (including detecting the Eicar test signatures (LP: #325054) - Fix segfault in settings validation (LP: #318309) - Fix option management - Updated translations and improved documentation Checksums-Sha1: b0d7e3f665e34b07618d97a3af3e727e51617647 1483 gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.dsc 13c1d9f398076d232959020a2778abac50314dd5 696862 gurlchecker_0.10.3svn2009032900.orig.tar.gz 5e87116c1c447dc17f2f71b0b4e9a81112c688f7 3665 gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.diff.gz Checksums-Sha256: 4c1601fb84940aa83cab9836605e26c5d85f7461dc9e7bc04137a6a3e9ee7d09 1483 gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.dsc 627eb669d1530134121ecfd2536925cf1847bfbbe0e936c5a010dd12e298e75d 696862 gurlchecker_0.10.3svn2009032900.orig.tar.gz 06d85fdc14b16862cfe3085c2903e59b46a65e77863d2bd5400d0a31f028301d 3665 gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.diff.gz Files: 26ea5c4486439a9de6e0326ee810b6de 1483 net optional gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.dsc 578b532b4e80968e57999f069fa1f246 696862 net optional gurlchecker_0.10.3svn2009032900.orig.tar.gz 66f583289e7b6a822e6ebe597ed4ace4 3665 net optional gurlchecker_0.10.3svn2009032900-0ubuntu1~intrepid3.diff.gz Original-Maintainer: Bart Martens &lt;bartm-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T21:04:06 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9609 <pre>klamav (0.46-2~intrepid3) intrepid-security; urgency=low * No change rebuild against clamav 0.95 klamav (0.46-2~intrepid2) intrepid-backports; urgency=low * No change rebuild to ensure the package is built against libclamav6 klamav (0.46-2~intrepid1) intrepid-backports; urgency=low * Automated backport upload; no source changes. klamav (0.46-2) unstable; urgency=low * Just build-dep on libltdl3-dev klamav (0.46-1) unstable; urgency=low * New upstream release for clamav 0.95 compatibility - Updated debian/copyright - Add build-dep on libltdl7-dev | libltdl3-dev * Drop 11-ukraine.patch and 12-clamav-0.94_build_fix.diff - Incorporated upstream * Freshen 09-disable-autoscan.patch * Add 11_desktop_directory.diff, move .desktop file to xdg directory - Thanks to Jonathan Riddell &lt;jriddell-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; for the patch * Add 12_no_mediaslave.diff, remove obsolete (due to impending KDE4 transition) Devices section from launcher * Update standards version to 3.8.1 without further change Date: Tue, 06 Apr 2010 14:03:35 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Scott Kitterman &lt;scott-NQ6842lX5deaMJb+Lgu22Q&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/klamav/0.46-2~intrepid3 Format: 1.8 Date: Tue, 06 Apr 2010 14:03:35 -0500 Source: klamav Binary: klamav Architecture: source Version: 0.46-2~intrepid3 Distribution: intrepid-security Urgency: low Maintainer: Scott Kitterman &lt;scott-NQ6842lX5deaMJb+Lgu22Q&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: klamav - KDE frontend for ClamAV Changes: klamav (0.46-2~intrepid3) intrepid-security; urgency=low . * No change rebuild against clamav 0.95 . klamav (0.46-2~intrepid2) intrepid-backports; urgency=low . * No change rebuild to ensure the package is built against libclamav6 . klamav (0.46-2~intrepid1) intrepid-backports; urgency=low . * Automated backport upload; no source changes. . klamav (0.46-2) unstable; urgency=low . * Just build-dep on libltdl3-dev . klamav (0.46-1) unstable; urgency=low . * New upstream release for clamav 0.95 compatibility - Updated debian/copyright - Add build-dep on libltdl7-dev | libltdl3-dev * Drop 11-ukraine.patch and 12-clamav-0.94_build_fix.diff - Incorporated upstream * Freshen 09-disable-autoscan.patch * Add 11_desktop_directory.diff, move .desktop file to xdg directory - Thanks to Jonathan Riddell &lt;jriddell-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; for the patch * Add 12_no_mediaslave.diff, remove obsolete (due to impending KDE4 transition) Devices section from launcher * Update standards version to 3.8.1 without further change Checksums-Sha1: d7e934a49d9cd964865f67b323f94e6676e4663b 1126 klamav_0.46-2~intrepid3.dsc 44f151bb640499483cc6a9198018f51876618dd0 15374 klamav_0.46-2~intrepid3.diff.gz Checksums-Sha256: 4e8f46c06e2d4cc55e701a0bc372724b3704addca8b305aa29db356fe656669b 1126 klamav_0.46-2~intrepid3.dsc a96d011cce0e95eeffbbc82c5a366813b308e5358a114f6e28e9c219f84173a2 15374 klamav_0.46-2~intrepid3.diff.gz Files: d7693e0a694452f0012559954ef84f98 1126 kde optional klamav_0.46-2~intrepid3.dsc 535cb0882c488d27b42b4276d2c58042 15374 kde optional klamav_0.46-2~intrepid3.diff.gz </pre> Ubuntu Installer 2010-04-08T21:03:56 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9608 <pre>python-clamav (0.4.1-1ubuntu2~intrepid2) intrepid-security; urgency=low * No change rebuild against clamav 0.95 python-clamav (0.4.1-1ubuntu2~intrepid1) intrepid-backports; urgency=low * Intrepid backport for clamav 0.95 - removed --install-layout=deb (intrepid has Python 2.5) python-clamav (0.4.1-1ubuntu2) jaunty; urgency=low * Rebuild against libclamav6 [ Imre Gergely ] * cleaned up some old code for clamav 0.75 * updated Build-Depend for clamav 0.95 * modified pyclamav.c source to use the new API functions python-clamav (0.4.1-1ubuntu1) jaunty; urgency=low * Add --install-layout=deb and rebuild for Python 2.6 Date: Tue, 06 Apr 2010 14:17:08 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/python-clamav/0.4.1-1ubuntu2~intrepid2 Format: 1.8 Date: Tue, 06 Apr 2010 14:17:08 -0500 Source: python-clamav Binary: python-clamav Architecture: source Version: 0.4.1-1ubuntu2~intrepid2 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: python-clamav - Python bindings to ClamAV Changes: python-clamav (0.4.1-1ubuntu2~intrepid2) intrepid-security; urgency=low . * No change rebuild against clamav 0.95 . python-clamav (0.4.1-1ubuntu2~intrepid1) intrepid-backports; urgency=low . * Intrepid backport for clamav 0.95 - removed --install-layout=deb (intrepid has Python 2.5) . python-clamav (0.4.1-1ubuntu2) jaunty; urgency=low . * Rebuild against libclamav6 . [ Imre Gergely ] * cleaned up some old code for clamav 0.75 * updated Build-Depend for clamav 0.95 * modified pyclamav.c source to use the new API functions . python-clamav (0.4.1-1ubuntu1) jaunty; urgency=low . * Add --install-layout=deb and rebuild for Python 2.6 Checksums-Sha1: a4c67448ea3c30fdeeb22fb48875f557c1aebadf 1228 python-clamav_0.4.1-1ubuntu2~intrepid2.dsc 3dada1306e7ee3d0df88fccd6832984417271792 3932 python-clamav_0.4.1-1ubuntu2~intrepid2.diff.gz Checksums-Sha256: 76ed2092272f07d249aa904093f27314df534ca24b43fe3ca7e3f84f02f9a255 1228 python-clamav_0.4.1-1ubuntu2~intrepid2.dsc 23d0afc8daccaf27d033d6576f1609c38b81c9894d59f8a75d6947a903e2aa42 3932 python-clamav_0.4.1-1ubuntu2~intrepid2.diff.gz Files: aa3eca913d2f211f129cd97bdb7e678a 1228 python optional python-clamav_0.4.1-1ubuntu2~intrepid2.dsc 1c2036c02ec2cdb6c7c9c6f3e3497e87 3932 python optional python-clamav_0.4.1-1ubuntu2~intrepid2.diff.gz Original-Maintainer: Cédric Delfosse &lt;cedric-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T21:03:50 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9607 <pre>mediawiki (1:1.12.0-2ubuntu0.5) intrepid-security; urgency=low * SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to login as the attacker, via a script on an external website. IMPORTANT: Fix includes a breaking change to the API login action. Any clients using it will need to be updated. (LP: #557159) - debian/patches/CSRF-no-CVE_rev-64680.patch - patch based on upstream SVN rev. 64680 - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html - https://bugzilla.wikimedia.org/show_bug.cgi?id=23076 - CVE-2010-1150 Date: Wed, 07 Apr 2010 11:56:02 +0200 Changed-By: Andreas Wenning &lt;awen-0QWyXmCDP9M&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/mediawiki/1:1.12.0-2ubuntu0.5 Format: 1.8 Date: Wed, 07 Apr 2010 11:56:02 +0200 Source: mediawiki Binary: mediawiki mediawiki-math Architecture: source Version: 1:1.12.0-2ubuntu0.5 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu MOTU Developers &lt;ubuntu-motu-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Andreas Wenning &lt;awen-0QWyXmCDP9M&lt; at &gt;public.gmane.org&gt; Description: mediawiki - website engine for collaborative work mediawiki-math - math rendering plugin for MediaWiki Launchpad-Bugs-Fixed: 557159 Changes: mediawiki (1:1.12.0-2ubuntu0.5) intrepid-security; urgency=low . * SECURITY UPDATE: MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to login as the attacker, via a script on an external website. IMPORTANT: Fix includes a breaking change to the API login action. Any clients using it will need to be updated. (LP: #557159) - debian/patches/CSRF-no-CVE_rev-64680.patch - patch based on upstream SVN rev. 64680 - http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-April/000090.html - https://bugzilla.wikimedia.org/show_bug.cgi?id=23076 - CVE-2010-1150 Checksums-Sha1: d4c822c907e717d18b1011cc4e2b5b4b80ceae41 1344 mediawiki_1.12.0-2ubuntu0.5.dsc 8f38548caa047613555a5ef8b3616ae15c88c6ce 62759 mediawiki_1.12.0-2ubuntu0.5.diff.gz Checksums-Sha256: 9b237acedf3998cdd289c3791293d0baa5b22f831b8b956a55da78de3a2edf48 1344 mediawiki_1.12.0-2ubuntu0.5.dsc 87fdc5a0dfdb2ab446b87d48ee180ff4d3b0a2704e2e947be1a3b346bbf89722 62759 mediawiki_1.12.0-2ubuntu0.5.diff.gz Files: 9f93e8505e38c03eef643f33fa7cbe10 1344 web optional mediawiki_1.12.0-2ubuntu0.5.dsc 5db9f52d2bb060943d41f2bbf6df1229 62759 web optional mediawiki_1.12.0-2ubuntu0.5.diff.gz Original-Maintainer: Mediawiki Maintenance Team &lt;pkg-mediawiki-devel&lt; at &gt;lists.alioth.debian.org&gt; </pre> Ubuntu Installer 2010-04-08T20:03:54 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9606 <pre>moin (1.7.1-1ubuntu1.5) intrepid-security; urgency=low * SECURITY UPDATE: fix XSS in Despam action - debian/patches/30006_CVE-2010-0828.patch: use wikiutil.escape() in revert_pages() - CVE-2010-0828 * SECURITY UPDATE: fix bypass of textcha protection - debian/patches/30007_CVE-2010-1238.patch: make sure the question and answer form fields are filled in - CVE-2010-1238 Date: Tue, 30 Mar 2010 13:53:34 -0500 Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/moin/1.7.1-1ubuntu1.5 Format: 1.8 Date: Tue, 30 Mar 2010 13:53:34 -0500 Source: moin Binary: python-moinmoin Architecture: source Version: 1.7.1-1ubuntu1.5 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Jamie Strandboge &lt;jamie-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: python-moinmoin - Python clone of WikiWiki - library Changes: moin (1.7.1-1ubuntu1.5) intrepid-security; urgency=low . * SECURITY UPDATE: fix XSS in Despam action - debian/patches/30006_CVE-2010-0828.patch: use wikiutil.escape() in revert_pages() - CVE-2010-0828 * SECURITY UPDATE: fix bypass of textcha protection - debian/patches/30007_CVE-2010-1238.patch: make sure the question and answer form fields are filled in - CVE-2010-1238 Checksums-Sha1: d38885eac984f16ee4e61bbb013ebda0f754e42a 1351 moin_1.7.1-1ubuntu1.5.dsc 7388bfb68cae9a3017f05dddbe31e0dfc8856fa9 83136 moin_1.7.1-1ubuntu1.5.diff.gz Checksums-Sha256: f46743256c87ff9be19e3935a1cae01a67fd4393ccfd7980b1bc0c35c2f7405c 1351 moin_1.7.1-1ubuntu1.5.dsc f34edab2924043fe632026ee806a0bb3af412fb14484994f2fe5a1bd6164357f 83136 moin_1.7.1-1ubuntu1.5.diff.gz Files: e4bfab6c10cf06ef6ce52a740e13c22f 1351 net optional moin_1.7.1-1ubuntu1.5.dsc ed41db28059cd77f82f3a7086eb655b2 83136 net optional moin_1.7.1-1ubuntu1.5.diff.gz Original-Maintainer: Jonas Smedegaard &lt;dr-7wbikhHcsNQ&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-08T16:03:34 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9605 <pre>openjdk-6 (6b12-0ubuntu6.7) intrepid-security; urgency=low * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - 6626217: Loader-constraint table allows arrays instead of only the base-classes. - 6633872: Policy/PolicyFile leak dynamic ProtectionDomains. - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups. - 6736390: File TOCTOU deserialization vulnerability. - 6745393: Inflater/Deflater clone issues. - 6887703: Unsigned applet can retrieve the dragged information before drop action occur. - 6888149: AtomicReferenceArray causes SIGSEGV -&gt; SEGV_MAPERR error. - 6892265: System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes. - 6893947: Deserialization of RMIConnectionImpl objects should enforce stricter checks [ZDI-CAN-588]. - 6893954: Subclasses of InetAddress may incorrectly interpret network addresses [ZDI-CAN-603]. - 6894807: No ClassCastException for HashAttributeSet constructors if run with -Xcomp. - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs. - 6898739: TLS renegotiation issue. - 6899653: Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability. - 6902299: Java JAR "unpack200" must verify input parameters. - 6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability. - 6909597: Java Runtime Environment JPEGImageReader stepX Integer Overflow Vulnerability. - 6910590: Application can modify command array, in ProcessBuilder. - 6914823: Java AWT Library Invalid Index Vulnerability. - 6914866: JRE ImagingLib arbitrary code execution vulnerability. - 6932480: Crash in CompilerThread/Parser. Date: Mon, 29 Mar 2010 21:32:02 +0200 Changed-By: Matthias Klose &lt;doko-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/openjdk-6/6b12-0ubuntu6.7 Format: 1.8 Date: Mon, 29 Mar 2010 21:32:02 +0200 Source: openjdk-6 Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea6-plugin openjdk-6-source-files Architecture: source Version: 6b12-0ubuntu6.7 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Matthias Klose &lt;doko-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: icedtea6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a openjdk-6-dbg - Java runtime based on OpenJDK (debugging symbols) openjdk-6-demo - Java runtime based on OpenJDK (demos and examples) openjdk-6-doc - OpenJDK Development Kit (JDK) documentation openjdk-6-jdk - OpenJDK Development Kit (JDK) openjdk-6-jre - OpenJDK Java runtime, using ${vm:Name} openjdk-6-jre-headless - OpenJDK Java runtime, using ${vm:Name} (headless) openjdk-6-jre-lib - OpenJDK Java runtime (architecture independent libraries) openjdk-6-source - OpenJDK Development Kit (JDK) source files openjdk-6-source-files - OpenJDK 6 source files (used as a build dependency) Changes: openjdk-6 (6b12-0ubuntu6.7) intrepid-security; urgency=low . * SECURITY UPDATE: multiple upstream vulnerabilities. Upstream fixes: - 6626217: Loader-constraint table allows arrays instead of only the base-classes. - 6633872: Policy/PolicyFile leak dynamic ProtectionDomains. - 6639665: ThreadGroup finalizer allows creation of false root ThreadGroups. - 6736390: File TOCTOU deserialization vulnerability. - 6745393: Inflater/Deflater clone issues. - 6887703: Unsigned applet can retrieve the dragged information before drop action occur. - 6888149: AtomicReferenceArray causes SIGSEGV -&gt; SEGV_MAPERR error. - 6892265: System.arraycopy unable to reference elements beyond Integer.MAX_VALUE bytes. - 6893947: Deserialization of RMIConnectionImpl objects should enforce stricter checks [ZDI-CAN-588]. - 6893954: Subclasses of InetAddress may incorrectly interpret network addresses [ZDI-CAN-603]. - 6894807: No ClassCastException for HashAttributeSet constructors if run with -Xcomp. - 6898622: ObjectIdentifer.equals is not capable of detecting incorrectly encoded CommonName OIDs. - 6898739: TLS renegotiation issue. - 6899653: Java Runtime CMM readMabCurveData Buffer Overflow Vulnerability. - 6902299: Java JAR "unpack200" must verify input parameters. - 6904691: Java Applet Trusted Methods Chaining Privilege Escalation Vulnerability. - 6909597: Java Runtime Environment JPEGImageReader stepX Integer Overflow Vulnerability. - 6910590: Application can modify command array, in ProcessBuilder. - 6914823: Java AWT Library Invalid Index Vulnerability. - 6914866: JRE ImagingLib arbitrary code execution vulnerability. - 6932480: Crash in CompilerThread/Parser. Checksums-Sha1: f79cb7de5d468951675db46f81b3e034d8578726 2359 openjdk-6_6b12-0ubuntu6.7.dsc c96cb1e2759b96e702ed891cf90b5a2e0958f40a 1375087 openjdk-6_6b12-0ubuntu6.7.diff.gz Checksums-Sha256: f94c107723ba87c0d737fb9b9cd044880457fb6dde7512c9ab3510a45e9a4869 2359 openjdk-6_6b12-0ubuntu6.7.dsc c10466bded35f1c32556a7daa461ca6baecba0c248a5aa6db78ab90ff3d96ab4 1375087 openjdk-6_6b12-0ubuntu6.7.diff.gz Files: 60d4e5bf13b4ce37812dbf188b7824ad 2359 devel extra openjdk-6_6b12-0ubuntu6.7.dsc 10d1160d42871b6e8606373cbced4dc7 1375087 devel extra openjdk-6_6b12-0ubuntu6.7.diff.gz Original-Maintainer: OpenJDK Team &lt;openjdk-oU9gvf+ajcQ97yFScArB1dHuzzzSOjJt&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-07T05:07:00 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9604 <pre>krb5 (1.6.dfsg.4~beta1-3ubuntu0.4) intrepid-security; urgency=low * SECURITY UPDATE: unauthenticated remote KDC service crash. - debian/patches/MITKRB5-SA-2010-003 applied inline. Date: Tue, 06 Apr 2010 18:00:29 -0700 Changed-By: Kees Cook &lt;kees-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/krb5/1.6.dfsg.4~beta1-3ubuntu0.4 Format: 1.8 Date: Tue, 06 Apr 2010 18:00:29 -0700 Source: krb5 Binary: libkadm55 libkrb53 krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc Architecture: source Version: 1.6.dfsg.4~beta1-3ubuntu0.4 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Kees Cook &lt;kees-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: krb5-admin-server - MIT Kerberos master server (kadmind) krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-doc - Documentation for MIT Kerberos krb5-ftpd - Secure FTP server supporting MIT Kerberos krb5-kdc - MIT Kerberos key server (KDC) krb5-kdc-ldap - MIT Kerberos key server (KDC) LDAP plugin krb5-pkinit - PKINIT plugin for MIT Kerberos krb5-rsh-server - Secure replacements for rshd and rlogind using MIT Kerberos krb5-telnetd - Secure telnet server supporting MIT Kerberos krb5-user - Basic programs to authenticate using MIT Kerberos libkadm55 - MIT Kerberos administration runtime libraries libkrb5-dbg - Debugging files for MIT Kerberos libkrb5-dev - Headers and development libraries for MIT Kerberos libkrb53 - MIT Kerberos runtime libraries Changes: krb5 (1.6.dfsg.4~beta1-3ubuntu0.4) intrepid-security; urgency=low . * SECURITY UPDATE: unauthenticated remote KDC service crash. - debian/patches/MITKRB5-SA-2010-003 applied inline. Checksums-Sha1: a4a6b4317e38700dd2512e2e322bcec12f2ef085 1671 krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc b511034c28f3bef64dfa8408d24f7a2ed08fa5b1 858566 krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz Checksums-Sha256: f0ac545a0828a72b556f3b44316c79dd9daf709f8d8c294888f9727db7927696 1671 krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc cd044d65c26d4ce52f8d1067c192f37bd7bfebbc70b5f2dbb9f08d24a301a7fd 858566 krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz Files: e03526558ccf9a954c92a3e257e66351 1671 net standard krb5_1.6.dfsg.4~beta1-3ubuntu0.4.dsc abe6f3bf8714b16dd084cd583b5aa350 858566 net standard krb5_1.6.dfsg.4~beta1-3ubuntu0.4.diff.gz Original-Maintainer: Sam Hartman &lt;hartmans-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-04-07T05:06:41 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9603 <pre>tzdata (2010h~repack-0ubuntu0.8.10) intrepid-proposed; urgency=low * New upstream release 2010h: - Africa/Tunis (Tunesia): Drop DST permanently. (LP: #550157) - Asia/Karachi (Pakistan): Drop DST permanently. Date: Tue, 06 Apr 2010 10:30:29 +0200 Changed-By: Martin Pitt &lt;martin.pitt-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://edge.launchpad.net/ubuntu/intrepid/+source/tzdata/2010h~repack-0ubuntu0.8.10 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 06 Apr 2010 10:30:29 +0200 Source: tzdata Binary: tzdata tzdata-java Architecture: source Version: 2010h~repack-0ubuntu0.8.10 Distribution: intrepid-proposed Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Martin Pitt &lt;martin.pitt-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: tzdata - time zone and daylight-saving time data tzdata-java - time zone and daylight-saving time data for use by java runtimes Launchpad-Bugs-Fixed: 550157 Changes: tzdata (2010h~repack-0ubuntu0.8.10) intrepid-proposed; urgency=low . * New upstream release 2010h: - Africa/Tunis (Tunesia): Drop DST permanently. (LP: #550157) - Asia/Karachi (Pakistan): Drop DST permanently. Checksums-Sha1: e099ac6c51329ae44f4ad63c23a8290541f5a536 1300 tzdata_2010h~repack-0ubuntu0.8.10.dsc 6e7babc2e2666297131d54a64e63979691b78a07 188426 tzdata_2010h~repack.orig.tar.gz 776e254aaade339828b258d27c6ebd3dd8f308d0 218500 tzdata_2010h~repack-0ubuntu0.8.10.diff.gz Checksums-Sha256: 55bca7780d504b84338b25b8081ddf134f6270b50498da45db5c71b76af9fd0c 1300 tzdata_2010h~repack-0ubuntu0.8.10.dsc 906e479e4b2b2ce1267c74d0201362f7de5681281da4e1e90c83ac22d9a22380 188426 tzdata_2010h~repack.orig.tar.gz 7583373a0ac383d01672c376cc9dbef0e9d267fc8950780716024dae9e4bde24 218500 tzdata_2010h~repack-0ubuntu0.8.10.diff.gz Files: 0f078d1e9bbb4c03cd8f0d04d6b383ea 1300 libs required tzdata_2010h~repack-0ubuntu0.8.10.dsc f13e1cf669cdd503f44a97f88431ba70 188426 libs required tzdata_2010h~repack.orig.tar.gz 97a2f133c84eb43c7fad15cdc8463eb3 218500 libs required tzdata_2010h~repack-0ubuntu0.8.10.diff.gz Original-Maintainer: GNU Libc Maintainers &lt;debian-glibc-0aAXYlwwYIJuHlm7Suoebg&lt; at &gt;public.gmane.org&gt; -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAku68UkACgkQDecnbV4Fd/IQLACeK6RZDNdg+xy1q2bOvNl2JXqC 2x4AoOkRMU+9LHb/XFpMmkWHxKxDbAq7 =Mwze -----END PGP SIGNATURE----- </pre> Martin Pitt 2010-04-06T08:45:23 http://comments.gmane.org/gmane.linux.ubuntu.devel.changes.intrepid/9602 <pre>libnss-db (2.2.3pre1-3ubuntu1.8.10.2) intrepid-security; urgency=low * SECURITY UPDATE: allows reading of arbitrary file contents (LP: #531976) - Add 200-set-db-environment.dpatch: set environment correctly. - CVE-2010-0826 Date: Tue, 30 Mar 2010 10:41:17 -0700 Changed-By: Kees Cook &lt;kees-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; https://launchpad.net/ubuntu/intrepid/+source/libnss-db/2.2.3pre1-3ubuntu1.8.10.2 Format: 1.8 Date: Tue, 30 Mar 2010 10:41:17 -0700 Source: libnss-db Binary: libnss-db Architecture: source Version: 2.2.3pre1-3ubuntu1.8.10.2 Distribution: intrepid-security Urgency: low Maintainer: Ubuntu Core Developers &lt;ubuntu-devel-discuss-nLRlyDuq1AZFpShjVBNYrg&lt; at &gt;public.gmane.org&gt; Changed-By: Kees Cook &lt;kees-GeWIH/nMZzLQT0dZR+AlfA&lt; at &gt;public.gmane.org&gt; Description: libnss-db - NSS module for using Berkeley Databases as a naming service Launchpad-Bugs-Fixed: 531976 Changes: libnss-db (2.2.3pre1-3ubuntu1.8.10.2) intrepid-security; urgency=low . * SECURITY UPDATE: allows reading of arbitrary file contents (LP: #531976) - Add 200-set-db-environment.dpatch: set environment correctly. - CVE-2010-0826 Checksums-Sha1: b705adc59bcf4d008c8bc2df25eab320112f31f4 1454 libnss-db_2.2.3pre1-3ubuntu1.8.10.2.dsc bcdf004a12e641ddb37ebf4c41c0cef14d3b1e0d 520678 libnss-db_2.2.3pre1-3ubuntu1.8.10.2.diff.gz Checksums-Sha256: e5abcf174f16f12ad7d563d1f99586416fea27c639c255d9698ee720200d5271 1454 libnss-db_2.2.3pre1-3ubuntu1.8.10.2.dsc 988cb09b5c1f0719a0bb3738f381fa32c5e588524a97f530f882df8c3311af1d 520678 libnss-db_2.2.3pre1-3ubuntu1.8.10.2.diff.gz Files: 3d5c2f0c417203490962f6993e07fc7a 1454 admin standard libnss-db_2.2.3pre1-3ubuntu1.8.10.2.dsc 30aa88974f0353eb151484fdb08221a7 520678 admin standard libnss-db_2.2.3pre1-3ubuntu1.8.10.2.diff.gz Original-Maintainer: Piotr Roszatycki &lt;dexter-8fiUuRrzOP0dnm+yROfE0A&lt; at &gt;public.gmane.org&gt; </pre> Ubuntu Installer 2010-03-31T19:03:47 Search the mailing list at Gmane query http://search.gmane.org/?group=$group=gmane.linux.ubuntu.devel.changes.intrepid