The OVAL Repository
5.4
2015-09-03T06:28:32.896-04:00

USN-2639-1 -- openssl vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 15.04, Ubuntu 14.10
openssl
openssl: Secure Socket Layer cryptographic library and tools
Several security issues were fixed in OpenSSL.
SecPod Team, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2608-1 -- qemu vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 15.04, Ubuntu 14.10
qemu-kvm, qemu-system
qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer
Several security issues were fixed in QEMU.
SecPod Team, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2435-1 -- Graphviz vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
graphviz
It was discovered that graphviz incorrectly handled parsing errors. An
attacker could use this issue to cause graphviz to crash or possibly
execute arbitrary code.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2436-1 -- X.Org X server vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
xorg-server, xorg-server-lts-trusty
Ilja van Sprundel discovered a multitude of security issues in the X.Org X
server. An attacker able to connect to an X server, either locally or
remotely, could use these issues to cause the X server to crash or execute
arbitrary code resulting in possible privilege escalation.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2438-1 -- NVIDIA graphics drivers vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates, nvidia-graphics-drivers-331, nvidia-graphics-drivers-331-updates
It was discovered that the NVIDIA graphics drivers incorrectly handled GLX
indirect rendering support. An attacker able to connect to an X server,
either locally or remotely, could use these issues to cause the X server to
crash or execute arbitrary code resulting in possible privilege escalation.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2639-1 -- openssl vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 15.04, Ubuntu 14.10
openssl
openssl: Secure Socket Layer cryptographic library and tools
Several security issues were fixed in OpenSSL.
SecPod Team, DRAFT, INTERIM, ACCEPTED, ACCEPTED

Ubuntu 15.04 is installed
Ubuntu 15.04
Ubuntu 15.04 is installed
Maria Mikhno, DRAFT, INTERIM, ACCEPTED, Sergey Artykhov, INTERIM, ACCEPTED, ACCEPTED

USN-2447-1 -- Linux kernel (Utopic HWE) vulnerabilities
Ubuntu 14.04
linux-lts-utopic
CVE-2014-8134)
Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace
subsystem of the Linux kernel does not properly handle private syscall
numbers. A local user could exploit this flaw to cause a denial of service
(OOPS). (CVE-2014-7826)
A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-3673)
A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(panic). (CVE-2014-3687)
It was discovered that excessive queuing by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel can cause memory
pressure. A remote attacker could exploit this flaw to cause a denial of
service. (CVE-2014-3688)
Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the
perf subsystem of the Linux kernel handles private syscall numbers. A
local user could exploit this to cause a denial of service (OOPS) or bypass
ASLR protections via a crafted application. (CVE-2014-7825)
Andy Lutomirski discovered a flaw in how the Linux kernel handles
pivot_root when used with a chroot directory. A local user could exploit
this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)
Dmitry Monakhov discovered a race condition in the ext4_file_write_iter
function of the Linux kernel's ext4 filesystem. A local user could exploit
this flaw to cause a denial of service (file unavailability).
(CVE-2014-8086)
The KVM (kernel virtual machine) subsystem of the Linux kernel
miscalculates the number of memory pages during the handling of a mapping
failure. A guest OS user could exploit this to cause a denial of service
(host OS page unpinning) or possibly have unspecified other impact by
leveraging guest OS privileges. (CVE-2014-8369)
Andy Lutomirski discovered that the Linux kernel does not properly handle
faults associated with the Stack Segment (SS) register on the x86
architecture. A local attacker could exploit this flaw to cause a denial of
service (panic). (CVE-2014-9090)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2434-1 -- JasPer vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
jasper
Jose Duart discovered that JasPer incorrectly handled certain malformed
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2446-1 -- Linux kernel vulnerabilities
Ubuntu 14.04
linux
CVE-2014-8134)
Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace
subsystem of the Linux kernel does not properly handle private syscall
numbers. A local user could exploit this flaw to cause a denial of service
(OOPS). (CVE-2014-7826)
A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-3673)
A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(panic). (CVE-2014-3687)
It was discovered that excessive queuing by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel can cause memory
pressure. A remote attacker could exploit this flaw to cause a denial of
service. (CVE-2014-3688)
Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the
perf subsystem of the Linux kernel handles private syscall numbers. A
local user could exploit this to cause a denial of service (OOPS) or bypass
ASLR protections via a crafted application. (CVE-2014-7825)
The KVM (kernel virtual machine) subsystem of the Linux kernel
miscalculates the number of memory pages during the handling of a mapping
failure. A guest OS user could exploit this to cause a denial of service
(host OS page unpinning) or possibly have unspecified other impact by
leveraging guest OS privileges. (CVE-2014-8369)
Andy Lutomirski discovered that the Linux kernel does not properly handle
faults associated with the Stack Segment (SS) register on the x86
architecture. A local attacker could exploit this flaw to cause a denial of
service (panic). (CVE-2014-9090)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2439-1 -- QEMU vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
qemu, qemu-kvm
Michael S. Tsirkin discovered that QEMU incorrectly handled certain
parameters during ram load while performing a migration. An attacker able
to manipulate savevm data could use this issue to possibly execute
arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS,
Ubuntu 14.04 LTS, and Ubuntu 14.10. (CVE-2014-7840)
Paolo Bonzini discovered that QEMU incorrectly handled memory in the Cirrus
VGA device. A malicious guest could possibly use this issue to write into
memory of the host, leading to privilege escalation. (CVE-2014-8106)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2423-1 -- ClamAV vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
clamav
Kurt Seifried discovered that ClamAV incorrectly handled certain JavaScript
files. An attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2013-6497)
Damien Millescamp discovered that ClamAV incorrectly handled certain PE
files. An attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2014-9050)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2422-1 -- Squid vulnerabilities
Ubuntu 14.10, Ubuntu 14.04
squid3
Sebastian Krahmer discovered that the Squid pinger incorrectly handled
certain malformed ICMP packets. A remote attacker could possibly use this
issue to cause Squid to crash, resulting in a denial of service.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2431-1 -- mod_wsgi vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
mod-wsgi
It was discovered that mod_wsgi incorrectly handled errors when setting up
the working directory and group access rights. A malicious application
could possibly use this issue to cause a local privilege escalation when
using daemon mode.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2420-1 -- Linux kernel vulnerabilities
Ubuntu 14.04
linux
CVE-2014-3690)
Don Bailey discovered a flaw in the LZO decompress algorithm used by the
Linux kernel. An attacker could exploit this flaw to cause a denial of
service (memory corruption or OOPS). (CVE-2014-4608)
Andy Lutomirski discovered a flaw in how the Linux kernel handles
pivot_root when used with a chroot directory. A local user could exploit
this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)
Andy Lutomirski discovered that the Linux kernel was not checking the
CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could
exploit this flaw to cause a denial of service (loss of writability).
(CVE-2014-7975)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2427-1 -- Libksba vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
libksba
Hanno Böck discovered that Libksba incorrectly handled certain S/MIME
messages or ECC based OpenPGP data. An attacker could use this issue to
cause Libksba to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2429-1 -- ppp vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
ppp
It was discovered that ppp incorrectly handled certain options files. A
local attacker could possibly use this issue to escalate privileges.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2425-1 -- DBus vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
dbus
It was discovered that DBus incorrectly handled a large number of file
descriptor messages. A local attacker could use this issue to cause DBus to
stop responding, resulting in a denial of service. (CVE-2014-7824)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2430-1 -- OpenVPN vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
openvpn
Dragana Damjanovic discovered that OpenVPN incorrectly handled certain
control channel packets. An authenticated attacker could use this issue to
cause an OpenVPN server to crash, resulting in a denial of service.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2413-1 -- AppArmor vulnerability
Ubuntu 14.04
apparmor
An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under
certain circumstances, a malicious application could use this flaw to perform
operations that are not allowed by AppArmor policy. The flaw may also prevent
applications from accessing resources that are allowed by AppArmor policy.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2440-1 -- Mutt vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
mutt
Jakub Wilk discovered that the write_one_header function in mutt
did not properly handle newline characters at the beginning of a
header. An attacker could specially craft an email to cause mutt to
crash, resulting in a denial of service.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2426-1 -- FLAC vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
flac
Michele Spagnuolo discovered that FLAC incorrectly handled certain
malformed audio files. An attacker could use this issue to cause FLAC to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2424-1 -- Firefox vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
firefox
CVE-2014-1587, CVE-2014-1588)
Cody Crews discovered a way to trigger chrome-level XBL bindings from web
content in some circumstances. If a user were tricked into opening a
specially crafted website, an attacker could potentially exploit this to
bypass security restrictions. (CVE-2014-1589)
Joe Vennix discovered a crash when using XMLHttpRequest in some
circumstances. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service. (CVE-2014-1590)
Muneaki Nishimura discovered that CSP violation reports did not remove
path information in some circumstances. If a user were tricked into
opening a specially crafted website, an attacker could potentially
exploit this to obtain sensitive information. (CVE-2014-1591)
Berend-Jan Wever discovered a use-after-free during HTML parsing. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1592)
Abhishek Arya discovered a buffer overflow when parsing media content. If
a user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1593)
Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the
compositor. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to cause undefined
behaviour, a denial of service via application crash or execute arbitrary
code with the privileges of the user invoking Firefox. (CVE-2014-1594)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2428-1 -- Thunderbird vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
thunderbird
CVE-2014-1587)
Joe Vennix discovered a crash when using XMLHttpRequest in some
circumstances. If a user were tricked into opening a specially crafted
message with scripting enabled, an attacker could potentially exploit this
to cause a denial of service. (CVE-2014-1590)
Berend-Jan Wever discovered a use-after-free during HTML parsing. If a
user were tricked into opening a specially crafted message with scripting
enabled, an attacker could potentially exploit this to cause a denial of
service via application crash or execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2014-1592)
Abhishek Arya discovered a buffer overflow when parsing media content. If
a user were tricked into opening a specially crafted message with
scripting enabled, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with the
privileges of the user invoking Thunderbird. (CVE-2014-1593)
Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the
compositor. If a user were tricked into opening a specially crafted
message, an attacker could potentially exploit this to cause undefined
behaviour, a denial of service via application crash or execute arbitrary
code with the privileges of the user invoking Thunderbird. (CVE-2014-1594)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2433-1 -- tcpdump vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
tcpdump
CVE-2014-8767)
Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet
packets. A remote attacker could use this issue to cause tcpdump to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only applied to Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-8768)
Steffen Bauch discovered that tcpdump incorrectly handled printing AODV
packets. A remote attacker could use this issue to cause tcpdump to crash,
resulting in a denial of service, reveal sensitive information, or possibly
execute arbitrary code. (CVE-2014-8769)
It was discovered that tcpdump incorrectly handled printing PPP packets. A
remote attacker could use this issue to cause tcpdump to crash, resulting
in a denial of service, or possibly execute arbitrary code.
(CVE-2014-9140)
In the default installation, attackers would be isolated by the tcpdump
AppArmor profile.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2409-1 -- QEMU vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
qemu, qemu-kvm
CVE-2014-3615)
Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly
handled certain UDP packets when using guest networking. A malicious guest
could possibly use this issue to cause a denial of service. (CVE-2014-3640)
It was discovered that QEMU incorrectly handled parameter validation in
the vmware_vga device. A malicious guest could possibly use this issue to
write into memory of the host, leading to privilege escalation.
(CVE-2014-3689)
It was discovered that QEMU incorrectly handled USB xHCI controller live
migration. An attacker could possibly use this issue to cause a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS. (CVE-2014-5263)
Michael S. Tsirkin discovered that QEMU incorrectly handled memory in the
ACPI PCI hotplug interface. A malicious guest could possibly use this issue
to access memory of the host, leading to information disclosure or
privilege escalation. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-5388)
James Spadaro discovered that QEMU incorrectly handled certain VNC
bytes_per_pixel values. An attacker having access to a VNC console could
possibly use this issue to cause a guest to crash, resulting in a denial of
service. (CVE-2014-7815)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2449-1 -- NTP vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
ntp
CVE-2014-9293)
Stephen Roettger discovered that NTP generated weak MD5 keys. A remote
attacker could possibly use this issue to brute force the MD5 key and spoof
a client or server. (CVE-2014-9294)
Stephen Roettger discovered that NTP contained buffer overflows in the
crypto_recv(), ctl_putdata() and configure() functions. In non-default
configurations, a remote attacker could use these issues to cause NTP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. The default compiler options for affected releases should reduce the
vulnerability to a denial of service. In addition, attackers would be
isolated by the NTP AppArmor profile. (CVE-2014-9295)
Stephen Roettger discovered that NTP incorrectly continued processing when
handling certain errors. (CVE-2014-9296)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2390-1 -- Pidgin vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
pidgin
CVE-2014-3694)
Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled
certain malformed MXit emoticons. A malicious remote server or a man in the
middle could use this issue to cause Pidgin to crash, resulting in a denial
of service. (CVE-2014-3695)
Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled
certain malformed Groupwise messages. A malicious remote server or a man in
the middle could use this issue to cause Pidgin to crash, resulting in a
denial of service. (CVE-2014-3696)
Thijs Alkemade and Paul Aurich discovered that Pidgin incorrectly handled
memory when processing XMPP messages. A malicious remote server or user
could use this issue to cause Pidgin to disclose arbitrary memory,
resulting in an information leak. (CVE-2014-3698)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2436-2 -- X.Org X server vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
xorg-server, xorg-server-lts-trusty
USN-2436-1 fixed vulnerabilities in the X.Org X server. Since publication,
additional fixes have been made available for these issues. This update
adds the additional fixes.
Original advisory details:
Ilja van Sprundel discovered a multitude of security issues in the X.Org X
server. An attacker able to connect to an X server, either locally or
remotely, could use these issues to cause the X server to crash or execute
arbitrary code resulting in possible privilege escalation.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2397-1 -- Ruby vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
ruby1.8, ruby1.9.1, ruby2.0, ruby2.1
Will Wood discovered that Ruby incorrectly handled the encodes() function.
An attacker could possibly use this issue to cause Ruby to crash, resulting
in a denial of service, or possibly execute arbitrary code. The default
compiler options for affected releases should reduce the vulnerability to a
denial of service. (CVE-2014-4975)
Willis Vandevanter discovered that Ruby incorrectly handled XML entity
expansion. An attacker could use this flaw to cause Ruby to consume large
amounts of resources, resulting in a denial of service. (CVE-2014-8080)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2406-1 -- OpenStack Keystone vulnerability
Ubuntu 14.04
keystone
Brant Knudson discovered that OpenStack Keystone did not properly perform
input sanitization when performing endpoint catalog substitution. A remote
attacker with privileged access for creating endpoints could exploit this
to obtain sensitive information.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2412-1 -- Ruby vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
ruby1.8, ruby1.9.1, ruby2.0, ruby2.1
Tomas Hoger discovered that Ruby incorrectly handled XML entity expansion.
An attacker could use this flaw to cause Ruby to consume large amounts of
resources, resulting in a denial of service.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2395-1 -- Linux kernel vulnerabilities
Ubuntu 14.04
linux
CVE-2014-3647)
A flaw was discovered with the handling of the invept instruction in the
KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged
guest user could exploit this flaw to cause a denial of service (system
crash) on the guest. (CVE-2014-3646)
Lars Bull reported a race condition in the PIT (programmable interrupt
timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux
kernel. A local guest user with access to PIT i/o ports could exploit this
flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)
Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual
Machine) handles noncanonical writes to certain MSR registers. A privileged
guest user can exploit this flaw to cause a denial of service (kernel
panic) on the host. (CVE-2014-3610)
Raphael Geissert reported a NULL pointer dereference in the Linux kernel's
CIFS client. A remote CIFS server could cause a denial of service (system
crash) or possibly have other unspecified impact by deleting IPC$ share
during resolution of DFS referrals. (CVE-2014-7145)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2407-1 -- OpenStack Nova vulnerabilities
Ubuntu 14.04
nova
Garth Mollett discovered that OpenStack Nova did not properly clean up an
instance when using rescue mode with the VMWare driver. A remote
authenticated user could exploit this to bypass intended quota limits. By
default, Ubuntu does not use the VMWare driver. (CVE-2014-3608)
Amrith Kumar discovered that OpenStack Nova did not properly sanitize log
message contents. Under certain circumstances, a local attacker with read
access to Nova log files could obtain access to sensitive information.
(CVE-2014-7230)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2393-1 -- Wget vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
wget
HD Moore discovered that Wget contained a path traversal vulnerability
when downloading symlinks using FTP. A malicious remote FTP server or a man
in the middle could use this issue to cause Wget to overwrite arbitrary
files, possibly leading to arbitrary code execution.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2399-1 -- curl vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
curl
Symeon Paraschoudis discovered that curl incorrectly handled memory when
being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may
result in sensitive data being incorrectly sent to the remote server.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2408-1 -- OpenStack Neutron vulnerability
Ubuntu 14.04
neutron
Elena Ezhova discovered that OpenStack Neutron did not properly perform
access control checks for attributes. A remote authenticated attacker could
exploit this to bypass intended access controls and reset admin-only
attributes to default values.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2404-1 -- libvirt vulnerabilities
Ubuntu 14.10, Ubuntu 14.04
libvirt
Pavel Hrdina discovered that libvirt incorrectly handled locking when
processing the virConnectListAllDomains command. An attacker could use this
issue to cause libvirtd to hang, resulting in a denial of service.
(CVE-2014-3657)
Eric Blake discovered that libvirt incorrectly handled permissions when
processing the qemuDomainFormatXML command. An attacker with read-only
privileges could possibly use this to gain access to certain information
from the domain xml file. (CVE-2014-7823)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2391-1 -- php5 vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
php5
CVE-2014-3668)
Symeon Paraschoudis discovered that PHP incorrectly handled unserializing
objects. A remote attacker could possibly use this issue to cause PHP to
crash, resulting in a denial of service. (CVE-2014-3669)
Otto Ebeling discovered that PHP incorrectly handled the exif_thumbnail
function. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2014-3670)
Francisco Alonso discovered that PHP incorrectly handled ELF files in the fileinfo
extension. A remote attacker could possibly use this issue to cause PHP to
crash, resulting in a denial of service. (CVE-2014-3710)
It was discovered that PHP incorrectly handled NULL bytes when processing
certain URLs with the curl functions. A remote attacker could possibly use
this issue to bypass filename restrictions and obtain access to sensitive
files. (No CVE number)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2432-1 -- GNU C Library vulnerabilities
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
eglibc, glibc
CVE-2012-6656)
Adhemerval Zanella Netto discovered that the GNU C Library incorrectly
handled certain multibyte characters when using the iconv function. An
attacker could possibly use this issue to cause applications to crash,
resulting in a denial of service. (CVE-2014-6040)
Tim Waugh discovered that the GNU C Library incorrectly enforced the
WRDE_NOCMD flag when handling the wordexp function. An attacker could
possibly use this issue to execute arbitrary commands. (CVE-2014-7817)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2447-2 -- Linux kernel (Utopic HWE) regression
Ubuntu 14.04
linux-lts-utopic
CVE-2014-8134)
Rabin Vincent, Robert Swiecki, Russell King discovered that the ftrace
subsystem of the Linux kernel does not properly handle private syscall
numbers. A local user could exploit this flaw to cause a denial of service
(OOPS). (CVE-2014-7826)
A flaw in the handling of malformed ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-3673)
A flaw in the handling of duplicate ASCONF chunks by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel was discovered. A
remote attacker could exploit this flaw to cause a denial of service
(panic). (CVE-2014-3687)
It was discovered that excessive queuing by SCTP (Stream Control
Transmission Protocol) implementation in the Linux kernel can cause memory
pressure. A remote attacker could exploit this flaw to cause a denial of
service. (CVE-2014-3688)
Rabin Vincent, Robert Swiecki, Russell Kinglaw discovered a flaw in how the
perf subsystem of the Linux kernel handles private syscall numbers. A
local user could exploit this to cause a denial of service (OOPS) or bypass
ASLR protections via a crafted application. (CVE-2014-7825)
Andy Lutomirski discovered a flaw in how the Linux kernel handles
pivot_root when used with a chroot directory. A local user could exploit
this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)
Dmitry Monakhov discovered a race condition in the ext4_file_write_iter
function of the Linux kernel's ext4 filesystem. A local user could exploit
this flaw to cause a denial of service (file unavailability).
(CVE-2014-8086)
The KVM (kernel virtual machine) subsystem of the Linux kernel
miscalculates the number of memory pages during the handling of a mapping
failure. A guest OS user could exploit this to cause a denial of service
(host OS page unpinning) or possibly have unspecified other impact by
leveraging guest OS privileges. (CVE-2014-8369)
Andy Lutomirski discovered that the Linux kernel does not properly handle
faults associated with the Stack Segment (SS) register on the x86
architecture. A local attacker could exploit this flaw to cause a denial of
service (panic). (CVE-2014-9090)
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2431-2 -- MAAS regression
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04
maas
USN-2431-1 fixed vulnerabilities in mod_wsgi. The security update exposed
an issue in the MAAS package, causing a regression. This update fixes the
problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that mod_wsgi incorrectly handled errors when setting up
the working directory and group access rights. A malicious application
could possibly use this issue to cause a local privilege escalation when
using daemon mode.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, Maria Mikhno, INTERIM, ACCEPTED, ACCEPTED

USN-2437-1 -- Bind vulnerability
Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
bind9
Florian Maury discovered that Bind incorrectly handled delegation. A remote
attacker could possibly use this issue to cause Bind to consume resources
and crash, resulting in a denial of service.
Sergey Artykhov, DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2405-1 -- OpenStack Cinder vulnerabilities
Ubuntu 14.04
cinder
Duncan Thomas discovered that OpenStack Cinder did not properly track the
file format when using the GlusterFS or Smbfs drivers. A remote
authenticated user could exploit this to potentially obtain file contents
from the compute host. (CVE-2014-3641)
Amrith Kumar discovered that OpenStack Cinder did not properly sanitize log
message contents. Under certain circumstances, a local attacker with read
access to Cinder log files could obtain access to sensitive information.
(<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7230">CVE-2014-7230</a>)Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2410-1 -- Oxide vulnerabilitiesUbuntu 14.10Ubuntu 14.04oxide-qtCVE-2014-7904)
Multiple use-after-frees were discovered in Blink. If a user were tricked
into opening a specially crafted website, an attacker could potentially
exploit these to cause a denial of service via renderer crash or execute
arbitrary code with the privileges of the sandboxed render process.
(CVE-2014-7907)
An integer overflow was discovered in media. If a user were tricked into
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash or execute arbitrary
code with the privileges of the sandboxed render process. (CVE-2014-7908)
An uninitialized memory read was discovered in Skia. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via renderer crash.
(CVE-2014-7909)
Multiple security issues were discovered in Chromium. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial of
service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2014-7910)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Mikhno
INTERIM, ACCEPTED, ACCEPTED

USN-2398-1 -- LibreOffice vulnerability
Ubuntu 14.10, Ubuntu 14.04
libreoffice
It was discovered that LibreOffice incorrectly handled the Impress remote
control port. An attacker could possibly use this issue to cause Impress to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Mikhno
INTERIM, ACCEPTED, ACCEPTED

Ubuntu 14.10 is installed
Ubuntu 14.10
Ubuntu 14.10 is installed
Maria Mikhno
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2389-1 -- libxml2 vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
libxml2
It was discovered that libxml2 would incorrectly perform entity
substitution even when requested not to. If a user or automated system were
tricked into opening a specially crafted document, an attacker could
possibly cause resource consumption, resulting in a denial of service.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2387-1 -- pollinate update
Ubuntu 14.04
pollinate
The pollinate package bundles the certificate for entropy.ubuntu.com. This
update refreshes the certificate to match the one currently used on the
server.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2365-1 -- libvncserver vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
libvncserver
Several security issues were fixed in LibVNCServer.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2388-1 -- OpenJDK 7 vulnerabilities
Ubuntu 14.04
openjdk-7
CVE-2014-6457)
Several vulnerabilities were discovered in the OpenJDK JRE related to data
integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6527,
CVE-2014-6558)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6504, CVE-2014-6511, CVE-2014-6517,
CVE-2014-6531)
Two vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-6506, CVE-2014-6513)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2364-1 -- bash vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
bash
Several security issues were fixed in Bash.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2383-1 -- wpa_supplicant vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
wpa, wpasupplicant
Jouni Malinen discovered that the wpa_cli tool incorrectly sanitized
strings when being used with action scripts. A remote attacker could
possibly use this issue to execute arbitrary commands.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2369-1 -- file vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
file
file could be made to crash or run programs as your login if it opened a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2371-1 -- exuberant-ctags vulnerability
Ubuntu 14.04, Ubuntu 12.04
exuberant-ctags
Exuberant Ctags could be made to consume resources.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2385-1 -- OpenSSL vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
openssl
It was discovered that OpenSSL incorrectly handled memory when parsing
DTLS SRTP extension data. A remote attacker could possibly use this issue
to cause OpenSSL to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-3513)
It was discovered that OpenSSL incorrectly handled memory when verifying
the integrity of a session ticket. A remote attacker could possibly use
this issue to cause OpenSSL to consume resources, resulting in a denial of
service. (CVE-2014-3567)
In addition, this update introduces support for the TLS Fallback Signaling
Cipher Suite Value (TLS_FALLBACK_SCSV). This new feature prevents protocol
downgrade attacks when certain applications such as web browsers attempt
to reconnect using a lower protocol version for interoperability reasons.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2373-1 -- Thunderbird vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
thunderbird
CVE-2014-1574)
Atte Kettunen discovered a buffer overflow during CSS manipulation. If a
user were tricked into opening a specially crafted message, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Thunderbird. (CVE-2014-1576)
Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a
user were tricked into opening a specially crafted message with scripting
enabled, an attacker could potentially exploit this to steal sensitive
information. (CVE-2014-1577)
Abhishek Arya discovered an out-of-bounds write when buffering WebM video
in some circumstances. If a user were tricked into opening a specially
crafted message with scripting enabled, an attacker could potentially
exploit this to cause a denial of service via application crash or execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2014-1578)
A use-after-free was discovered during text layout in some circumstances.
If a user were tricked into opening a specially crafted message with
scripting enabled, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with
the privileges of the user invoking Thunderbird. (CVE-2014-1581)
Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing
via WebRTC in iframes, where video continues to be shared after being
stopped and navigating to a new site doesn't turn off the camera. An
attacker could potentially exploit this to access the camera without the
user being aware. (CVE-2014-1585, CVE-2014-1586)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2345-1 -- Oxide vulnerabilities
Ubuntu 14.04
oxide-qt
CVE-2014-3178, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192)
Multiple security issues were discovered in Chromium. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial of
service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2014-3179,
CVE-2014-3200)
It was discovered that Chromium did not properly handle the interaction of
IPC and V8. If a user were tricked into opening a specially crafted
website, an attacker could potentially exploit this to execute arbitrary
code with the privileges of the user invoking the program. (CVE-2014-3188)
A use-after-free was discovered in the web workers implementation in
Chromium. If a user were tricked into opening a specially crafted website,
an attacker could potentially exploit this to cause a denial of service
via application crash or execute arbitrary code with the privileges of the
user invoking the program. (CVE-2014-3194)
It was discovered that V8 did not correctly handle JavaScript heap
allocations in some circumstances. If a user were tricked into opening a
specially crafted website, an attacker could potentially exploit this to
steal sensitive information. (CVE-2014-3195)
It was discovered that Blink did not properly provide substitute data for
pages blocked by the XSS auditor. If a user were tricked into opening a
specially crafted website, an attacker could potentially exploit this to
steal sensitive information. (CVE-2014-3197)
It was discovered that the wrap function for Events in the V8 bindings
in Blink produced an erroneous result in some circumstances. If a user
were tricked into opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service by stopping a worker
process that was handling an Event object. (CVE-2014-3199)
Multiple security issues were discovered in V8. If a user were tricked
into opening a specially crafted website, an attacker could potentially
exploit these to read uninitialized memory, cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2014-7967)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2382-1 -- Requests vulnerabilities
Ubuntu 14.04
requests
Jakub Wilk discovered that Requests incorrectly reused authentication
credentials after being redirected. An attacker could possibly use this
issue to obtain authentication credentials intended for another site.
(CVE-2014-1829, CVE-2014-1830)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2379-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2372-1 -- Firefox vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
firefox
CVE-2014-1574, CVE-2014-1575)
Atte Kettunen discovered a buffer overflow during CSS manipulation. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1576)
Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a
user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to steal sensitive information.
(CVE-2014-1577)
Abhishek Arya discovered an out-of-bounds write when buffering WebM video
in some circumstances. If a user were tricked into opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2014-1578)
Michal Zalewski discovered that memory may not be correctly initialized
when rendering a malformed GIF into a canvas in some circumstances. If
a user were tricked into opening a specially crafted website, an attacker
could potentially exploit this to steal sensitive information.
(CVE-2014-1580)
A use-after-free was discovered during text layout in some circumstances.
If a user were tricked into opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1581)
Patrick McManus and David Keeler discovered 2 issues that could result
in certificate pinning being bypassed in some circumstances. An attacker
with a fraudulent certificate could potentially exploit this to conduct a
man-in-the-middle attack. (CVE-2014-1582, CVE-2014-1584)
Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing
via WebRTC in iframes, where video continues to be shared after being
stopped and navigating to a new site doesn't turn off the camera. An
attacker could potentially exploit this to access the camera without the
user being aware. (CVE-2014-1585, CVE-2014-1586)
Boris Zbarsky discovered that webapps could use the Alarm API to read the
values of cross-origin references. If a user were tricked into installing
a specially crafted webapp, an attacker could potentially exploit this to
bypass same-origin restrictions. (CVE-2014-1583)
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2366-1 -- libvirt vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
libvirt
Several security issues were fixed in libvirt.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2330-1 -- thunderbird vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
thunderbird
Several security issues were fixed in Thunderbird.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2360-1 -- firefox vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
firefox
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

DEPRECATED: USN-2331-1 -- libreoffice vulnerability
Ubuntu 14.04
libreoffice
LibreOffice Calc could be made to crash or run programs as your login if it opened a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Maria Mikhno
DEPRECATED, DEPRECATED

USN-2331-1 -- libreoffice vulnerability
Ubuntu 14.04
libreoffice
LibreOffice Calc could be made to crash or run programs as your login if it opened a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2348-1 -- apt vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
apt
Several security issues were fixed in APT.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2351-1 -- nginx vulnerability
Ubuntu 14.04
nginx
nginx could be made to expose sensitive information over the network.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2346-1 -- curl vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
curl
Several security issues were fixed in curl.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2384-1 -- MySQL vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
mysql-5.5
Multiple security issues were discovered in MySQL and this update includes
a new upstream MySQL version to fix these issues. MySQL has been updated to
5.5.40.
In addition to security fixes, the updated packages contain bug fixes,
new features, and possibly incompatible changes.
Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-39.html
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-40.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2342-1 -- qemu, qemu-kvm vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
qemu, qemu-kvm
Several security issues were fixed in QEMU.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2344-1 -- php5 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
php5
php5 could be made to crash or run programs if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2353-1 -- apt vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
apt
APT could be made to crash or run programs if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2363-2 -- bash vulnerability
Ubuntu 14.04
bash
Bash allowed bypassing environment restrictions in certain environments.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2359-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2326-1 -- oxide-qt vulnerabilities
Ubuntu 14.04
oxide-qt
Several security issues were fixed in Oxide.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2347-1 -- python-django vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
python-django
Several security issues were fixed in Django.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2311-2 -- ceilometer vulnerability
Ubuntu 14.04
ceilometer
OpenStack Ceilometer could be made to expose sensitive information.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2320-1 -- oxide-qt vulnerabilities
Ubuntu 14.04
oxide-qt
Several security issues were fixed in Oxide.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2337-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2360-2 -- thunderbird vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
thunderbird
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2350-1 -- nss update
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
nss
NSS was updated to refresh the CA certificates bundle.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2352-1 -- dbus vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
dbus
Several security issues were fixed in DBus.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2338-1 -- lua5.1 vulnerability
Ubuntu 14.04, Ubuntu 12.04
lua5.1
Lua could be made to crash or run programs.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2362-1 -- bash vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
bash
Bash allowed bypassing environment restrictions in certain environments.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2329-1 -- firefox vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
firefox
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2319-1 -- openjdk-7 vulnerabilities
Ubuntu 14.04
openjdk-7
Several security issues were fixed in OpenJDK 7.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2324-1 -- keystone vulnerabilities
Ubuntu 14.04
keystone
Several security issues were fixed in OpenStack Keystone.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2322-1 -- glance vulnerability
Ubuntu 14.04
glance
OpenStack Glance could be made to stop serving requests.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2310-1 -- krb5 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
krb5
Several security issues were fixed in Kerberos.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2361-1 -- nss vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
nss
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2308-1 -- openssl vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
openssl
Several security issues were fixed in OpenSSL.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2381-1 -- rsyslog vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
rsyslog
Rsyslog could be made to crash if it received specially crafted input.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2363-1 -- bash vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
bash
Bash allowed bypassing environment restrictions in certain environments.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2315-1 -- serf vulnerability
Ubuntu 14.04, Ubuntu 12.04
serf
Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2343-1 -- nss vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
nss
NSS could be made to crash or run programs as your login if it processed a specially crafted certificate.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2304-1 -- kde4libs vulnerability
Ubuntu 14.04, Ubuntu 12.04
kde4libs
kauth could be tricked into bypassing polkit authorizations.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2370-1 -- apt vulnerability
Ubuntu 14.04, Ubuntu 12.04
apt
APT could be made to overwrite files.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2380-1 -- bash vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
bash
Several security issues were fixed in Bash.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2306-1 -- eglibc vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
eglibc
Several security issues were fixed in the GNU C Library.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2319-2 -- openjdk-7 regression
Ubuntu 14.04
openjdk-7
USN-2319-1 introduced a regression in OpenJDK 7.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2305-1 -- samba vulnerability
Ubuntu 14.04
samba
Samba could be made to run programs as an administrator if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2323-1 -- horizon vulnerabilities
Ubuntu 14.04
horizon
Several security issues were fixed in OpenStack Horizon.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2300-1 -- lzo2 vulnerability
Ubuntu 14.04, Ubuntu 12.04
lzo2
LZO could be made to crash or run programs if it
processed specially crafted data.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2318-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2311-1 -- python-pycadf vulnerability
Ubuntu 14.04
python-pycadf
pyCADF could be made to expose sensitive information.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2321-1 -- neutron vulnerabilities
Ubuntu 14.04
neutron
OpenStack Neutron could be made to expose sensitive information or crash.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2294-1 -- libtasn1-3, libtasn1-6 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
libtasn1-6, libtasn1-3
Libtasn1 could be made to crash or run programs as your login if it processed specially crafted data.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2293-1 -- cups vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
cups
CUPS could be made to expose sensitive information, leading to privilege escalation.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2319-3 -- openjdk-7 update
Ubuntu 14.04
openjdk-7
This update provides stability updates for OpenJDK 7.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2302-1 -- tomcat6, tomcat7 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
tomcat7, tomcat6
Several security issues were fixed in Tomcat.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2314-1 -- linux vulnerability
Ubuntu 14.04
linux
The system could be made to crash under certain conditions.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2298-1 -- oxide-qt vulnerabilities
Ubuntu 14.04
oxide-qt
Several security issues were fixed in Oxide.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2325-1 -- nova vulnerability
Ubuntu 14.04
nova
OpenStack Nova could be made to expose sensitive information over the network.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2341-1 -- cups vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
cups
CUPS could be made to expose sensitive information, leading to privilege escalation.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2303-1 -- unity vulnerability
Ubuntu 14.04
unity
The Unity lock screen could possibly be bypassed in certain circumstances.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2340-1 -- procmail vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
procmail
formail could be made to crash or run programs if it processed specially crafted mail.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2296-1 -- thunderbird vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
thunderbird
Several security issues were fixed in Thunderbird.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2307-1 -- gpgme1.0 vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
gpgme1.0
GPGME could be made to crash or run programs as your login if it processed a specially crafted certificate.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2299-1 -- apache2 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
apache2
Several security issues were fixed in Apache HTTP Server.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2316-1 -- subversion vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
subversion
Several security issues were fixed in Subversion.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2339-2 -- libgcrypt11 vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
libgcrypt11
Libgcrypt could expose sensitive information when performing decryption.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2328-1 -- eglibc vulnerability
Ubuntu 14.04, Ubuntu 12.04, Ubuntu 10.04
eglibc
Certain applications could be made to crash or run programs as an administrator.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2327-1 -- squid3 vulnerability
Ubuntu 14.04, Ubuntu 12.04
squid3
Squid could be made to crash if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2295-1 -- firefox vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
firefox
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2278-1 -- file vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
file
File could be made to crash or hang if it processed specially crafted data.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2276-1 -- php5 vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
php5
Several security issues were fixed in PHP.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2274-1 -- linux vulnerability
Ubuntu 14.04
linux
The system could be made to crash or run programs as an administrator.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2280-1 -- miniupnpc vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
miniupnpc
MiniUPnPc could be made to crash if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2292-1 -- liblwp-protocol-https-perl vulnerability
Ubuntu 14.04
liblwp-protocol-https-perl
LWP::Protocol::https could be made to expose sensitive information over the network.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2275-1 -- dbus vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
dbus
Several security issues were fixed in DBus.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2256-1 -- swift vulnerability
Ubuntu 14.04
swift
Swift did not properly perform input validation of certain HTTP headers.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2253-1 -- libreoffice vulnerability
Ubuntu 14.04
libreoffice
LibreOffice would unconditionally execute certain VBA macros.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2291-1 -- mysql-5.5 vulnerabilities
Ubuntu 14.04, Ubuntu 12.04
mysql-5.5
Several security issues were fixed in MySQL.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2290-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2232-2 -- openssl regression
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
openssl
USN-2232-1 introduced a regression in OpenSSL.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2258-1 -- gnupg, gnupg2 vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
gnupg, gnupg2
GnuPG could be made to hang if
it processed a specially crafted message.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2250-1 -- thunderbird vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
thunderbird
Several security issues were fixed in Thunderbird.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2265-1 -- nspr vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
nspr
NSPR could be made to crash or run programs if it received specially crafted input.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2214-3 -- libxml2 regression
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
libxml2
USN-2214-1 introduced a regression in libxml2.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2279-1 -- transmission vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
transmission
Transmission could be made to crash or run programs if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2257-1 -- samba vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
samba
Several security issues were fixed in Samba.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2254-2 -- php5 updates
Ubuntu 14.04, Ubuntu 13.10
php5
An improvement was made for PHP FPM environments.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2243-1 -- firefox vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
firefox
Firefox could be made to crash or run programs as your login if it opened a malicious website.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2190-1 -- jbigkit vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10
jbigkit
JBIG-KIT could be made to crash or run programs if it processed a specially crafted image file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2210-1 -- cups-filters vulnerability
Ubuntu 14.04
cups-filters
Several security issues were fixed in cups-filters.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2185-1 -- firefox vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04
firefox
Firefox could be made to crash or run programs as
your login if it opened a malicious website.
Sergey Artykhov
DRAFT, INTERIM
Sergey Artykhov
ACCEPTED, ACCEPTED

USN-2183-1 -- dpkg vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
dpkg
A malicious source package could write files outside the unpack directory.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2183-2 -- dpkg vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
dpkg
A malicious source package could write files outside the unpack directory.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2211-1 -- libxfont vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
libxfont
Several security issues were fixed in libXfont.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2184-1 -- unity vulnerabilities
Ubuntu 14.04
unity
The Unity lock screen could be bypassed.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2214-1 -- libxml2 vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
libxml2
libxml2 could be made to consume resources if it processed a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2249-1 -- heat vulnerability
Ubuntu 14.04
heat
OpenStack Heat would expose sensitive information over the network.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2240-1 -- linux vulnerabilities
Ubuntu 14.04
linux
Several security issues were fixed in the kernel.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2204-1 -- linux vulnerability
Ubuntu 14.04
linux
The system could be made to crash or run programs as an administrator.
Sergey Artykhov
DRAFT, INTERIM
Sergey Artykhov
ACCEPTED, ACCEPTED

USN-2222-1 -- mod-wsgi vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
mod-wsgi
mod_wsgi could be made to run programs as an administrator if it executes a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2188-1 -- elfutils vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10
elfutils
elfutils could be made to crash or run programs if it processed a specially crafted file.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2192-1 -- openssl vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04
openssl
OpenSSL could be made to crash if it received specially crafted network traffic.
Sergey Artykhov
DRAFT, INTERIM
Sergey Artykhov
ACCEPTED, ACCEPTED

USN-2217-1 -- lxml vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
lxml
lxml could allow cross-site scripting (XSS) attacks.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2230-1 -- chkrootkit vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
chkrootkit
chkrootkit could be made to run programs as an administrator.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2169-1 -- python-django vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
python-django
Several security issues were fixed in Django.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2232-3 -- openssl regression
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04, Ubuntu 10.04
openssl
USN-2232-1 introduced a regression in OpenSSL.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2245-1 -- json-c vulnerabilities
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.04
json-c
json-c could be made to crash or consume CPU if it processed a specially crafted JSON document.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2248-1 -- cinder vulnerability
Ubuntu 14.04, Ubuntu 13.10
cinder
OpenStack Cinder could be made to run programs as an administrator under certain conditions.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED, ACCEPTED

USN-2169-2 -- python-django regression
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
python-django
USN-2169-1 introduced a regression in Django.
Sergey Artykhov
DRAFT, INTERIM, ACCEPTED
Sergey Artykhov
INTERIM, ACCEPTED, ACCEPTED

USN-2213-1 -- dovecot vulnerability
Ubuntu 14.04, Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04, Ubuntu 10.04
dovecot
Dovecot could be made to stop responding if it received specially
crafted network traffic.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2189-1 -- thunderbird vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10Ubuntu 12.04thunderbirdSeveral security issues were fixed in Thunderbird.Sergey ArtykhovDRAFTINTERIMSergey ArtykhovACCEPTEDACCEPTEDUSN-2170-1 -- mysql-5.5 vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10Ubuntu 12.04mysql-5.5Several security issues were fixed in MySQL.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2226-1 -- linux vulnerabilitiesUbuntu 14.04linuxSeveral security issues were fixed in the kernel.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2212-1 -- python-django vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10Ubuntu 12.04Ubuntu 10.04python-djangoDjango applications could be made to expose sensitive information over the network.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2187-1 -- openjdk-7 vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10openjdk-7Several security issues were fixed in OpenJDK 7.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2184-2 -- unity vulnerabilitiesUbuntu 14.04unityThe Unity lock screen could be bypassed.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2246-1 -- apt vulnerabilityUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04aptAn attacker could trick APT into installing altered source packages.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2232-1 -- openssl vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04opensslSeveral security issues were fixed in OpenSSL.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2247-1 -- nova vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.04novaSeveral security issues were fixed in OpenStack Nova.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2229-1 -- gnutls26 vulnerabilityUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04gnutls26GnuTLS could be made to crash or run programs if it connected to a malicious 
server.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2171-1 -- rsync vulnerabilityUbuntu 14.04rsyncrsync could be made to consume resources if it received specially crafted network traffic.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2255-1 -- neutron vulnerabilitiesUbuntu 14.04Ubuntu 13.10neutronSeveral security issues were fixed in OpenStack Neutron.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2254-1 -- php5 vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04php5Several security issues were fixed in PHP.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2242-1 -- dpkg vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04dpkgA malicious source package could write files outside the unpack directory.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2214-2 -- libxml2 regressionUbuntu 14.04Ubuntu 13.10Ubuntu 12.04Ubuntu 10.04libxml2USN-2214-1 introduced a regression in libxml2.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2182-1 -- qemu, qemu-kvm vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10Ubuntu 12.04Ubuntu 10.04qemuqemu-kvmSeveral security issues were fixed in QEMU.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUSN-2216-1 -- pidgin vulnerabilityUbuntu 14.04Ubuntu 13.10Ubuntu 12.04pidginPidgin could be made to crash or run programs if it received specially crafted network traffic.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUSN-2205-1 -- tiff vulnerabilitiesUbuntu 14.04Ubuntu 13.10Ubuntu 12.10Ubuntu 12.04Ubuntu 10.04tiffLibTIFF could be made to crash or run programs as your login if it opened a specially crafted file.Sergey ArtykhovDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 14.04 is installedUbuntu 14.04Ubuntu 14.04 is installedMaria KedovskayaDRAFTINTERIMACCEPTEDMaria MikhnoINTERIMACCEPTEDACCEPTEDUbuntu 13.10 is installedUbuntu 13.10Ubuntu 13.10 is installedMaria KedovskayaDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDSergey 
ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 12.10 is installedUbuntu 12.10Ubuntu 12.10 is installedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 12.04 is installedUbuntu 12.04Ubuntu 12.04 is installedGaurav KumarDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDUbuntu 10.04 is installedUbuntu 10.04Ubuntu 10.04 is installedSecPod TeamDRAFTINTERIMACCEPTEDSergey ArtykhovINTERIMACCEPTEDACCEPTEDgraphviznvidia-331nvidia-304nvidia-304-updatesnvidia-331-updateslibssl1.0.0libjasper1linux-image-3.13.0-43-powerpc64-smplinux-image-3.13.0-43-lowlatencylinux-image-3.13.0-43-generic-lpaelinux-image-3.13.0-43-powerpc64-emblinux-image-3.13.0-43-powerpc-e500mclinux-image-3.13.0-43-powerpc-e500linux-image-3.13.0-43-powerpc-smplinux-image-3.13.0-43-genericclamavlinux-image-3.13.0-40-powerpc-e500mclinux-image-3.13.0-40-powerpc-e500linux-image-3.13.0-40-powerpc64-smplinux-image-3.13.0-40-powerpc-smplinux-image-3.13.0-40-genericlinux-image-3.13.0-40-generic-lpaelinux-image-3.13.0-40-lowlatencylinux-image-3.13.0-40-powerpc64-emblibksba8pppopenvpnapparmormuttmutt-patchedlibflac8libflac++6tcpdumpntpxserver-xorg-core-lts-trustyxserver-xorg-corelibruby1.8ruby1.8libruby2.0ruby2.0ruby1.9.1libruby2.1libruby1.9.1ruby2.1linux-image-3.13.0-39-powerpc-e500linux-image-3.13.0-39-powerpc64-smplinux-image-3.13.0-39-genericlinux-image-3.13.0-39-powerpc-smplinux-image-3.13.0-39-lowlatencylinux-image-3.13.0-39-powerpc-e500mclinux-image-3.13.0-39-powerpc64-emblinux-image-3.13.0-39-generic-lpaewgetphp5-xmlrpcphp5-curllinux-image-3.16.0-28-powerpc64-emblinux-image-3.16.0-28-powerpc-e500mclinux-image-3.16.0-28-genericlinux-image-3.16.0-28-powerpc64-smplinux-image-3.16.0-28-powerpc-smplinux-image-3.16.0-28-lowlatencylinux-image-3.16.0-28-generic-lpaemaas-region-controllermaas-region-controller-minbind9pollinatelibvncserver0wpasupplicantexuberant-ctagspython-requestspython3-requestslinux-image-3.13.0-37-genericlinux-image-3.13.0-37-powerpc-e500linux-image-3.13.0-37-powerpc64-smplin
/etc | lsb-release | ^.*Ubuntu.*\nDISTRIB_RELEASE=(\d{1,2}\.\d{1,2})$ | 1