UbuntuUpdates.org


AllMaverickLucidKarmicJauntyIntrepidHardyAll PPAs
Recent Search QueriesSearch Statistics


ChangelogsAll updates as soon as their changelog becomes available (Home page).
UpdatesAll updates in descending chronological order (no changelog included).
PPAsList of PPAs and 3rd party repositories tracked by UbuntuUpdates.
DashboardUpdates and bug fixes summary over the past few days.
NewsNews about UbuntuUpdates.
BugsBugs fixed in ubuntu packages in descending chronological order.
StatsUbuntuUpdates visit statistics.

Latest updates with changelog for hardy

Show updated packages for:
Hardy Intrepid Jaunty Karmic Lucid Maverick All releases
Include PPAs Exclude PPAs

Note: Only updates for "head" packages where the change log is available are shown on this page (view all).

firefox-3.0 09-08 23:03 UTC
Release: hardy Repo: universe Level: updates New version: 3.6.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  firefox-3.0-dom-inspector firefox-3.0-venkman firefox-dom-inspector firefox-granparadiso firefox-granparadiso-dom-inspector firefox-granparadiso-gnome-support firefox-libthai firefox-trunk firefox-trunk-dom-inspector firefox-trunk-gnome-support firefox-trunk-venkman 
firefox-3.0 (3.6.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

 -- Chris Coulson   Wed, 25 Aug 2010 15:26:08 +0100

xulrunner-1.9.2 09-08 23:03 UTC
Release: hardy Repo: universe Level: updates New version: 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  xulrunner-1.9.2-testsuite 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 12:03:13 +0100

xulrunner-1.9.2 09-08 23:03 UTC
Release: hardy Repo: main Level: updates New version: 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  xulrunner-1.9.2-dbg xulrunner-1.9.2-dev xulrunner-1.9.2-gnome-support xulrunner-1.9.2-testsuite xulrunner-1.9.2-testsuite-dev xulrunner-dev 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 12:03:13 +0100

firefox-3.0 09-08 23:03 UTC
Release: hardy Repo: main Level: updates New version: 3.6.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  abrowser abrowser-branding firefox firefox-3.0-dev firefox-3.0-gnome-support firefox-branding firefox-dbg firefox-dev firefox-gnome-support firefox-gnome-support-dbg firefox-granparadiso firefox-granparadiso-dev firefox-granparadiso-gnome-support firefox-libthai firefox-trunk firefox-trunk-dev firefox-trunk-gnome-support 
firefox-3.0 (3.6.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

 -- Chris Coulson   Wed, 25 Aug 2010 15:26:08 +0100

firefox-3.0 09-08 22:01 UTC
Release: hardy Repo: universe Level: security New version: 3.6.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  firefox-3.0-dom-inspector firefox-3.0-venkman firefox-dom-inspector firefox-granparadiso firefox-granparadiso-dom-inspector firefox-granparadiso-gnome-support firefox-libthai firefox-trunk firefox-trunk-dom-inspector firefox-trunk-gnome-support firefox-trunk-venkman 
firefox-3.0 (3.6.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

 -- Chris Coulson   Wed, 25 Aug 2010 15:26:08 +0100

xulrunner-1.9.2 09-08 22:01 UTC
Release: hardy Repo: universe Level: security New version: 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  xulrunner-1.9.2-testsuite 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 12:03:13 +0100

firefox-3.0 09-08 21:02 UTC
Release: hardy Repo: main Level: security New version: 3.6.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  abrowser abrowser-branding firefox firefox-3.0-dev firefox-3.0-gnome-support firefox-branding firefox-dbg firefox-dev firefox-gnome-support firefox-gnome-support-dbg firefox-granparadiso firefox-granparadiso-dev firefox-granparadiso-gnome-support firefox-libthai firefox-trunk firefox-trunk-dev firefox-trunk-gnome-support 
firefox-3.0 (3.6.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

 -- Chris Coulson   Wed, 25 Aug 2010 15:26:08 +0100

xulrunner-1.9.2 09-08 21:02 UTC
Release: hardy Repo: main Level: security New version: 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1
Packages in group:  xulrunner-1.9.2-dbg xulrunner-1.9.2-dev xulrunner-1.9.2-gnome-support xulrunner-1.9.2-testsuite xulrunner-1.9.2-testsuite-dev xulrunner-dev 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 12:03:13 +0100

lftp 09-07 21:07 UTC
Release: hardy Repo: main Level: updates New version: 3.6.1-1ubuntu0.1
Packages in group:  None 
lftp (3.6.1-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2251.dpatch: don't use server-provided names
      in src/{FileAccess,FileCopy,GetJob,commands,resource}.cc.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server in the Content-Disposition header. To
      re-enable previous behaviour, use the new xfer:auto-rename setting.
    - CVE-2010-2251

 -- Marc Deslauriers   Thu, 02 Sep 2010 15:57:12 -0400
CVE-2010-2251 The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination fi

lftp 09-07 19:08 UTC
Release: hardy Repo: main Level: security New version: 3.6.1-1ubuntu0.1
Packages in group:  None 
lftp (3.6.1-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2251.dpatch: don't use server-provided names
      in src/{FileAccess,FileCopy,GetJob,commands,resource}.cc.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server in the Content-Disposition header. To
      re-enable previous behaviour, use the new xfer:auto-rename setting.
    - CVE-2010-2251

 -- Marc Deslauriers   Thu, 02 Sep 2010 15:57:12 -0400
CVE-2010-2251 The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination fi

wget 09-02 16:03 UTC
Release: hardy Repo: main Level: updates New version: 1.10.2-3ubuntu1.2
Packages in group:  None 
wget (1.10.2-3ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
    - debian/patches/CVE-2010-2252.dpatch: don't use server names in
      doc/wget.texi, src/{http.c,init.c,main.c,options.h,retr.*}.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server during redirects. To re-enable previous
      behaviour, see the new --trust-server-names option.
    - CVE-2010-2252

 -- Marc Deslauriers   Wed, 01 Sep 2010 11:20:17 -0400
CVE-2010-2252 GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allow

wget 09-02 14:04 UTC
Release: hardy Repo: main Level: security New version: 1.10.2-3ubuntu1.2
Packages in group:  None 
wget (1.10.2-3ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via 3xx redirect
    - debian/patches/CVE-2010-2252.dpatch: don't use server names in
      doc/wget.texi, src/{http.c,init.c,main.c,options.h,retr.*}.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server during redirects. To re-enable previous
      behaviour, see the new --trust-server-names option.
    - CVE-2010-2252

 -- Marc Deslauriers   Wed, 01 Sep 2010 11:20:17 -0400
CVE-2010-2252 GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allow

virtualbox-ose-modules 09-01 10:01 UTC
Release: hardy Repo: universe Level: proposed New version: 24.0.14
Packages in group:  virtualbox-ose-guest-modules-2.6.24-25-386 virtualbox-ose-guest-modules-2.6.24-25-generic virtualbox-ose-guest-modules-2.6.24-25-openvz virtualbox-ose-guest-modules-2.6.24-25-rt virtualbox-ose-guest-modules-2.6.24-25-server virtualbox-ose-guest-modules-2.6.24-25-virtual virtualbox-ose-guest-modules-2.6.24-26-386 virtualbox-ose-guest-modules-2.6.24-26-generic virtualbox-ose-guest-modules-2.6.24-26-openvz virtualbox-ose-guest-modules-2.6.24-26-rt virtualbox-ose-guest-modules-2.6.24-26-server virtualbox-ose-guest-modules-2.6.24-26-virtual virtualbox-ose-guest-modules-2.6.24-27-386 virtualbox-ose-guest-modules-2.6.24-27-generic virtualbox-ose-guest-modules-2.6.24-27-openvz virtualbox-ose-guest-modules-2.6.24-27-rt virtualbox-ose-guest-modules-2.6.24-27-server virtualbox-ose-guest-modules-2.6.24-27-virtual virtualbox-ose-guest-modules-2.6.24-28-386 virtualbox-ose-guest-modules-2.6.24-28-generic virtualbox-ose-guest-modules-2.6.24-28-openvz virtualbox-ose-guest-modules-2.6.24-28-rt virtualbox-ose-guest-modules-2.6.24-28-server virtualbox-ose-guest-modules-2.6.24-28-virtual virtualbox-ose-guest-modules-386 virtualbox-ose-guest-modules-generic virtualbox-ose-guest-modules-openvz virtualbox-ose-guest-modules-rt virtualbox-ose-guest-modules-server virtualbox-ose-guest-modules-virtual virtualbox-ose-modules-2.6.24-25-386 virtualbox-ose-modules-2.6.24-25-generic virtualbox-ose-modules-2.6.24-25-openvz virtualbox-ose-modules-2.6.24-25-rt virtualbox-ose-modules-2.6.24-25-server virtualbox-ose-modules-2.6.24-25-virtual virtualbox-ose-modules-2.6.24-26-386 virtualbox-ose-modules-2.6.24-26-generic virtualbox-ose-modules-2.6.24-26-openvz virtualbox-ose-modules-2.6.24-26-rt virtualbox-ose-modules-2.6.24-26-server virtualbox-ose-modules-2.6.24-26-virtual virtualbox-ose-modules-2.6.24-27-386 virtualbox-ose-modules-2.6.24-27-generic virtualbox-ose-modules-2.6.24-27-openvz virtualbox-ose-modules-2.6.24-27-rt virtualbox-ose-modules-2.6.24-27-server virtualbox-ose-modules-2.6.24-27-virtual virtualbox-ose-modules-2.6.24-28-386 virtualbox-ose-modules-2.6.24-28-generic virtualbox-ose-modules-2.6.24-28-openvz virtualbox-ose-modules-2.6.24-28-rt virtualbox-ose-modules-2.6.24-28-server virtualbox-ose-modules-2.6.24-28-virtual virtualbox-ose-modules-386 virtualbox-ose-modules-generic virtualbox-ose-modules-openvz virtualbox-ose-modules-rt virtualbox-ose-modules-server virtualbox-ose-modules-virtual 
virtualbox-ose-modules (24.0.14) hardy-proposed; urgency=low

  * Rebuild for 2.6.24-28 (LP: #615516)
    - debian/control: s/2.6.24-27/2.6.24-28/g

 -- Daniel Hahler   Mon, 09 Aug 2010 21:28:36 +0200
615516 virtualbox-ose-modules: "Upgrade virtualbox-ose-modules for linux 2.6.24-28"

bogofilter 08-31 16:02 UTC
Release: hardy Repo: universe Level: updates New version: 1.1.5-2ubuntu5.1
Packages in group:  bogofilter-sqlite 
bogofilter (1.1.5-2ubuntu5.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid base64 data
    - src/base64.c: correctly calculate string pointers.
    - src/tests/Makefile.*, src/tests/t.base64: add regression test
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/src/base64.c?view=patch&r1=6906&r2=6903
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6905
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588090
    - CVE-2010-2494

 -- Marc Deslauriers   Fri, 27 Aug 2010 10:16:52 -0400
CVE-2010-2494 Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to

libwww-perl 08-31 16:02 UTC
Release: hardy Repo: main Level: updates New version: 5.808-1ubuntu0.1
Packages in group:  None 
libwww-perl (5.808-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2253.patch: reject filenames that start with
      a dot in bin/lwp-download.
    - CVE-2010-2253

 -- Marc Deslauriers   Fri, 27 Aug 2010 14:36:59 -0400
CVE-2010-2253 lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to cr

bogofilter 08-31 16:02 UTC
Release: hardy Repo: main Level: updates New version: 1.1.5-2ubuntu5.1
Packages in group:  bogofilter-bdb bogofilter-common 
bogofilter (1.1.5-2ubuntu5.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid base64 data
    - src/base64.c: correctly calculate string pointers.
    - src/tests/Makefile.*, src/tests/t.base64: add regression test
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/src/base64.c?view=patch&r1=6906&r2=6903
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6905
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588090
    - CVE-2010-2494

 -- Marc Deslauriers   Fri, 27 Aug 2010 10:16:52 -0400
CVE-2010-2494 Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to

libwww-perl 08-31 14:06 UTC
Release: hardy Repo: main Level: security New version: 5.808-1ubuntu0.1
Packages in group:  None 
libwww-perl (5.808-1ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2253.patch: reject filenames that start with
      a dot in bin/lwp-download.
    - CVE-2010-2253

 -- Marc Deslauriers   Fri, 27 Aug 2010 14:36:59 -0400
CVE-2010-2253 lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to cr

bogofilter 08-31 14:06 UTC
Release: hardy Repo: main Level: security New version: 1.1.5-2ubuntu5.1
Packages in group:  bogofilter-bdb bogofilter-common 
bogofilter (1.1.5-2ubuntu5.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid base64 data
    - src/base64.c: correctly calculate string pointers.
    - src/tests/Makefile.*, src/tests/t.base64: add regression test
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/src/base64.c?view=patch&r1=6906&r2=6903
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6905
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588090
    - CVE-2010-2494

 -- Marc Deslauriers   Fri, 27 Aug 2010 10:16:52 -0400
CVE-2010-2494 Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to

bogofilter 08-31 14:06 UTC
Release: hardy Repo: universe Level: security New version: 1.1.5-2ubuntu5.1
Packages in group:  bogofilter-sqlite 
bogofilter (1.1.5-2ubuntu5.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via invalid base64 data
    - src/base64.c: correctly calculate string pointers.
    - src/tests/Makefile.*, src/tests/t.base64: add regression test
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter/trunk/bogofilter/src/base64.c?view=patch&r1=6906&r2=6903
    - http://bogofilter.svn.sourceforge.net/viewvc/bogofilter?view=revision&revision=6905
    - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588090
    - CVE-2010-2494

 -- Marc Deslauriers   Fri, 27 Aug 2010 10:16:52 -0400
CVE-2010-2494 Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to

openjdk-6 08-30 23:02 UTC
Release: hardy Repo: universe Level: updates New version: 6b18-1.8.1-0ubuntu1~8.04.3
Packages in group:  openjdk-6-dbg openjdk-6-demo openjdk-6-doc openjdk-6-jdk openjdk-6-jre openjdk-6-jre-headless openjdk-6-jre-lib openjdk-6-source 
openjdk-6 (6b18-1.8.1-0ubuntu1~8.04.3) hardy-security; urgency=low

  * openjdk-6-jre-headless: Provide java-virtual-machine for releases
    older than karmic.
  * Plugin and netx fixes.

 -- Matthias Klose   Tue, 24 Aug 2010 06:56:36 +0200


About   -   Changelog   -   Send Feedback