Ubuntu Installer | 5 May 00:03

[ubuntu/karmic-security] php5_5.2.10.dfsg.1-2ubuntu6.10_lpia_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.10_armel_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.10_sparc_translations.tar.gz (delayed), php5_5.2.10.dfsg.1-2ubuntu6.10_i386_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.10_amd64_translations.tar.gz, php5, php5_5.2.10.dfsg.1-2ubuntu6.10_ia64_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.10_powerpc_translations.tar.gz 5.2.10.dfsg.1-2ubuntu6.10 (Accepted)

php5 (5.2.10.dfsg.1-2ubuntu6.10) karmic-security; urgency=low

  * debian/patches/php5-pear-CVE-2011-1144-regression.patch: fix
    mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452)

Date: Mon, 02 May 2011 09:21:27 -0700
Changed-By: Steve Beattie <sbeattie@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/php5/5.2.10.dfsg.1-2ubuntu6.10
Format: 1.8
Date: Mon, 02 May 2011 09:21:27 -0700
Source: php5
Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev
php5-dbg php-pear php5-curl php5-gd php5-gmp php5-ldap php5-mhash php5-mysql php5-odbc php5-pgsql
php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl
Architecture: source
Version: 5.2.10.dfsg.1-2ubuntu6.10
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Steve Beattie <sbeattie@...>
Description: 
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module)
 libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (metapackage)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language

Ubuntu Installer | 29 Apr 08:05

[ubuntu/karmic-security] php5_5.2.10.dfsg.1-2ubuntu6.9_amd64_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.9_ia64_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.9_powerpc_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.9_lpia_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.9_sparc_translations.tar.gz (delayed), php5, php5_5.2.10.dfsg.1-2ubuntu6.9_armel_translations.tar.gz, php5_5.2.10.dfsg.1-2ubuntu6.9_i386_translations.tar.gz 5.2.10.dfsg.1-2ubuntu6.9 (Accepted)

php5 (5.2.10.dfsg.1-2ubuntu6.9) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary files removal via cronjob
    - debian/php5-common.php5.cron.d: take greater care when removing
      session files.
    - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09
    - CVE-2011-0441
  * SECURITY UPDATE: symlink tmp races in pear install
    - debian/patches/php5-pear-CVE-2011-1072.patch: improved
      tempfile handling.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1072
  * SECURITY UPDATE: more symlink races in pear install
    - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save
      file handler.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1144
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/php5-CVE-2010-4697.patch: retain reference to
      object until getter/setter are done.
    - CVE-2010-4697
  * SECURITY UPDATE: denial of service through application crash with
    invalid images
    - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing
      steps are either 4 or 16.
    - CVE-2010-4698
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully

Ubuntu Installer | 27 Apr 22:03

[ubuntu/karmic-security] pcsc-lite (delayed), pcsc-lite 1.5.3-1ubuntu1.2 (Accepted)

pcsc-lite (1.5.3-1ubuntu1.2) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via long attribute value
    - src/atrhandler.c: verify against maximum attribute size.
    - http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html
    - CVE-2010-4531

Date: Thu, 14 Apr 2011 09:39:10 -0400
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/pcsc-lite/1.5.3-1ubuntu1.2
Format: 1.8
Date: Thu, 14 Apr 2011 09:39:10 -0400
Source: pcsc-lite
Binary: pcscd libpcsclite-dev libpcsclite1
Architecture: source
Version: 1.5.3-1ubuntu1.2
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Description: 
 libpcsclite-dev - Middleware to access a smart card using PC/SC (development files)
 libpcsclite1 - Middleware to access a smart card using PC/SC (library)
 pcscd      - Middleware to access a smart card using PC/SC (daemon side)
Changes: 
 pcsc-lite (1.5.3-1ubuntu1.2) karmic-security; urgency=low
 .

Ubuntu Installer | 27 Apr 17:03

[ubuntu/karmic-security] rsync, rsync (delayed) 3.0.6-1ubuntu1.1 (Accepted)

rsync (3.0.6-1ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via malformed data
    - debian/patches/security-CVE-2011-1097.diff: introduce and use
      FLAG_OWNED_BY_US in flist.c, generator.c, log.c, rsync.*.
    - CVE-2011-1097

Date: Fri, 08 Apr 2011 10:18:37 -0400
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/rsync/3.0.6-1ubuntu1.1
Format: 1.8
Date: Fri, 08 Apr 2011 10:18:37 -0400
Source: rsync
Binary: rsync
Architecture: source
Version: 3.0.6-1ubuntu1.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Description: 
 rsync      - fast remote file copy program (like rcp)
Changes: 
 rsync (3.0.6-1ubuntu1.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible arbitrary code

Chuck Short | 26 Apr 19:18

[ubuntu/karmic-proposed] landscape-client 11.02-0ubuntu0.9.10.1 (Accepted)

landscape-client (11.02-0ubuntu0.9.10.1) karmic-proposed; urgency=low

  * debian/control, debian/rules: Add quilt
  * debian/patches/fix-landscape-monitor.patch: Fix landscape
    monitoring with gir1.0-gudev-1.0 installed. (LP: #747498)

landscape-client (11.02-0ubuntu0.9.10.0) karmic-proposed; urgency=low

  * New upstream version (LP: #727324)

    - Exit gracefully instead of crashing when the filesystem is
      read-only (LP: #649997).

    - Drop hal requirement (LP: #708502).

    - Enable HTTP compression in Curl (LP: #297623).

    - Explicitly name log files that need to be rotated (LP: #634236).

    - Assorted test suite fixes.

    - Use a better load check for the sysinfo wrapper, taking into account the
      number of cores (LP: #643565).

    - Add an option to bootstrap cloud instances using cloud-init
      (LP: #701972).

    - Fix packaging for Natty (LP: #688115).

    - Force deletion of all the persist data for the monitoring plugins at

Ubuntu Installer | 20 Apr 15:03

[ubuntu/karmic-security] openslp-dfsg_1.2.1-7.5ubuntu0.1_lpia_translations.tar.gz, openslp-dfsg_1.2.1-7.5ubuntu0.1_amd64_translations.tar.gz, openslp-dfsg_1.2.1-7.5ubuntu0.1_armel_translations.tar.gz, openslp-dfsg, openslp-dfsg_1.2.1-7.5ubuntu0.1_sparc_translations.tar.gz (delayed), openslp-dfsg_1.2.1-7.5ubuntu0.1_i386_translations.tar.gz, openslp-dfsg_1.2.1-7.5ubuntu0.1_powerpc_translations.tar.gz, openslp-dfsg_1.2.1-7.5ubuntu0.1_ia64_translations.tar.gz 1.2.1-7.5ubuntu0.1 (Accepted)

openslp-dfsg (1.2.1-7.5ubuntu0.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via circular reference
    - common/slp_message.c: detect circular reference. Patch thanks to SUSE.
    - CVE-2010-3609

Date: Tue, 05 Apr 2011 15:02:25 -0400
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/openslp-dfsg/1.2.1-7.5ubuntu0.1
Format: 1.8
Date: Tue, 05 Apr 2011 15:02:25 -0400
Source: openslp-dfsg
Binary: slpd openslp-doc libslp1 slptool libslp-dev
Architecture: source
Version: 1.2.1-7.5ubuntu0.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Description: 
 libslp-dev - OpenSLP development libraries
 libslp1    - OpenSLP libraries
 openslp-doc - OpenSLP documentation
 slpd       - OpenSLP Server (slpd)
 slptool    - SLP command line tool
Changes: 
 openslp-dfsg (1.2.1-7.5ubuntu0.1) karmic-security; urgency=low

Ubuntu Installer | 20 Apr 01:03

[ubuntu/karmic-security] policykit-1_0.94-1ubuntu1.1_lpia_translations.tar.gz, policykit-1_0.94-1ubuntu1.1_amd64_translations.tar.gz, policykit-1_0.94-1ubuntu1.1_sparc_translations.tar.gz (delayed), policykit-1_0.94-1ubuntu1.1_powerpc_translations.tar.gz, policykit-1_0.94-1ubuntu1.1_ia64_translations.tar.gz, policykit-1_0.94-1ubuntu1.1_armel_translations.tar.gz, policykit-1, policykit-1_0.94-1ubuntu1.1_i386_translations.tar.gz 0.94-1ubuntu1.1 (Accepted)

policykit-1 (0.94-1ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: avoid /proc race conditions when checking privileges
    for pkexec.
    - 10_fix_proc_race.patch
    - CVE-2011-1485

Date: Tue, 19 Apr 2011 13:06:21 -0700
Changed-By: Kees Cook <kees@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/policykit-1/0.94-1ubuntu1.1
Format: 1.8
Date: Tue, 19 Apr 2011 13:06:21 -0700
Source: policykit-1
Binary: policykit-1 policykit-1-doc libpolkit-gobject-1-0 libpolkit-gobject-1-dev
libpolkit-agent-1-0 libpolkit-agent-1-dev libpolkit-backend-1-0 libpolkit-backend-1-dev
Architecture: source
Version: 0.94-1ubuntu1.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Kees Cook <kees@...>
Description: 
 libpolkit-agent-1-0 - PolicyKit Authentication Agent API
 libpolkit-agent-1-dev - PolicyKit Authentication Agent API - development files
 libpolkit-backend-1-0 - PolicyKit backend API
 libpolkit-backend-1-dev - PolicyKit backend API - development files
 libpolkit-gobject-1-0 - PolicyKit Authorization API

Ubuntu Installer | 19 Apr 23:05

[ubuntu/karmic-security] krb5, krb5_1.7dfsg~beta3-1ubuntu0.13_amd64_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.13_armel_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.13_powerpc_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.13_lpia_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.13_sparc_translations.tar.gz (delayed), krb5_1.7dfsg~beta3-1ubuntu0.13_ia64_translations.tar.gz, krb5_1.7dfsg~beta3-1ubuntu0.13_i386_translations.tar.gz 1.7dfsg~beta3-1ubuntu0.13 (Accepted)

krb5 (1.7dfsg~beta3-1ubuntu0.13) karmic-security; urgency=low

  * SECURITY UPDATE: kadmind denial of service from freeing of uninitialized
    pointer.
    - src/kadmin/server/{network,schpw}.c: fix, thanks to upstream.
    - CVE-2011-0285
    - MITKRB5-SA-2011-004

Date: Mon, 18 Apr 2011 15:40:41 -0700
Changed-By: Kees Cook <kees@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/krb5/1.7dfsg~beta3-1ubuntu0.13
Format: 1.8
Date: Mon, 18 Apr 2011 15:40:41 -0700
Source: krb5
Binary: krb5-user krb5-clients krb5-rsh-server krb5-ftpd krb5-telnetd krb5-kdc krb5-kdc-ldap
krb5-admin-server libkrb5-dev libkrb5-dbg krb5-pkinit krb5-doc libkrb5-3 libgssapi-krb5-2
libgssrpc4 libkadm5srv6 libkadm5clnt6 libk5crypto3 libkdb5-4 libkrb5support0
Architecture: source
Version: 1.7dfsg~beta3-1ubuntu0.13
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Kees Cook <kees@...>
Description: 
 krb5-admin-server - MIT Kerberos master server (kadmind)
 krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos
 krb5-doc   - Documentation for MIT Kerberos

Ubuntu Installer | 19 Apr 21:07

[ubuntu/karmic-security] ia32-libs (delayed), ia32-libs 2.7ubuntu17.1 (Accepted)

ia32-libs (2.7ubuntu17.1) karmic-security; urgency=low

  * SECURITY UPDATE: Refresh packages to pull in security fixes,
    including:
    - lcms: buffer overflow, CVE-2009-0793 (LP: #700198)
    - openssl: multiple issues, including CVE-2009-3555, CVE-2009-3245,
      and CVE-2010-2939
    - libpango1.0: multiple DoS, possible code execution issues:
      CVE-2010-0421, CVE-2011-0020, CVE-2011-0064
    - libfreetype: multiple DoS, possible code execution issues:
      CVE-2010-3311, CVE-2010-3814, CVE-2010-3855, CVE-2010-1797,
      CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807,
      CVE-2010-2808, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500,
      CVE-2010-2519, CVE-2010-2520, CVE-2010-2527
    - nss: many issues

Date: Tue, 12 Apr 2011 02:08:26 -0700
Changed-By: Steve Beattie <sbeattie@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/ia32-libs/2.7ubuntu17.1
Format: 1.8
Date: Tue, 12 Apr 2011 02:08:26 -0700
Source: ia32-libs
Binary: ia32-libs ia32-libs-dev lib32gcc1
Architecture: source
Version: 2.7ubuntu17.1
Distribution: karmic-security
Urgency: low

Ubuntu Installer | 19 Apr 20:03

[ubuntu/karmic-security] dhcp3, dhcp3_3.1.2-1ubuntu7.3_sparc_translations.tar.gz (delayed), dhcp3_3.1.2-1ubuntu7.3_ia64_translations.tar.gz, dhcp3_3.1.2-1ubuntu7.3_powerpc_translations.tar.gz, dhcp3_3.1.2-1ubuntu7.3_lpia_translations.tar.gz, dhcp3_3.1.2-1ubuntu7.3_armel_translations.tar.gz, dhcp3_3.1.2-1ubuntu7.3_i386_translations.tar.gz, dhcp3_3.1.2-1ubuntu7.3_amd64_translations.tar.gz 3.1.2-1ubuntu7.3 (Accepted)

dhcp3 (3.1.2-1ubuntu7.3) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via crafted hostname
    - Patch for CVE-2011-0997 was getting reverted during the build
      because of special quilt handling in debian/rules for the ldap
      patches.
    - debian/patches/00list: move CVE-2011-0997 patch before the ldap
      patches, and add comment.
    - CVE-2011-0997

Date: Tue, 19 Apr 2011 09:25:29 -0400
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
https://launchpad.net/ubuntu/karmic/+source/dhcp3/3.1.2-1ubuntu7.3
Format: 1.8
Date: Tue, 19 Apr 2011 09:25:29 -0400
Source: dhcp3
Binary: dhcp3-server dhcp3-server-ldap dhcp3-common dhcp3-dev dhcp-client dhcp3-client
dhcp3-client-udeb dhcp3-relay
Architecture: source
Version: 3.1.2-1ubuntu7.3
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@...>
Changed-By: Marc Deslauriers <marc.deslauriers@...>
Description: 
 dhcp-client - DHCP client transitional package
 dhcp3-client - DHCP client

Ubuntu Installer | 18 Apr 23:05

[ubuntu/karmic-security] kdenetwork_4.3.2-0ubuntu4.5_armel_translations.tar.gz, kdenetwork_4.3.2-0ubuntu4.5_sparc_translations.tar.gz (delayed), kdenetwork_4.3.2-0ubuntu4.5_i386_translations.tar.gz, kdenetwork_4.3.2-0ubuntu4.5_lpia_translations.tar.gz, kdenetwork_4.3.2-0ubuntu4.5_amd64_translations.tar.gz, kdenetwork_4.3.2-0ubuntu4.5_powerpc_translations.tar.gz, kdenetwork_4.3.2-0ubuntu4.5_ia64_translations.tar.gz, kdenetwork 4:4.3.2-0ubuntu4.5 (Accepted)

kdenetwork (4:4.3.2-0ubuntu4.5) karmic-security; urgency=low

  * SECURITY UPDATE: fix directory traversal in kget
    - debian/patches/kubuntu_06_CVE-2010-1000b.diff: more input validation due
      to incomplete fix for CVE-2010-1000
    - CVE-2011-XXXX
    - LP: #757526

Date: Fri, 15 Apr 2011 09:13:14 -0500
Changed-By: Jamie Strandboge <jamie@...>
Maintainer: Kubuntu Developers <kubuntu-devel@...>
https://launchpad.net/ubuntu/karmic/+source/kdenetwork/4:4.3.2-0ubuntu4.5
Format: 1.8
Date: Fri, 15 Apr 2011 09:13:14 -0500
Source: kdenetwork
Binary: kdenetwork kdenetwork-filesharing kget libkopete4 kopete libkopete-dev kppp krdc krfb
kdenetwork-dbg kde-zeroconf kopete-plugin-otr-kde4
Architecture: source
Version: 4:4.3.2-0ubuntu4.5
Distribution: karmic-security
Urgency: low
Maintainer: Kubuntu Developers <kubuntu-devel@...>
Changed-By: Jamie Strandboge <jamie@...>
Description: 
 kde-zeroconf - zeroconf plugins and kio slaves for KDE 4
 kdenetwork - networking applications from the official KDE 4 release
 kdenetwork-dbg - debugging symbols for the KDE 4 networking module
 kdenetwork-filesharing - network filesharing configuration module for KDE 4

