UbuntuUpdates.org


AllMaverickLucidKarmicJauntyIntrepidHardyAll PPAs
Recent Search QueriesSearch Statistics


ChangelogsAll updates as soon as their changelog becomes available (Home page).
UpdatesAll updates in descending chronological order (no changelog included).
PPAsList of PPAs and 3rd party repositories tracked by UbuntuUpdates.
DashboardUpdates and bug fixes summary over the past few days.
NewsNews about UbuntuUpdates.
BugsBugs fixed in ubuntu packages in descending chronological order.
StatsUbuntuUpdates visit statistics.

Latest updates with changelog for karmic

Show updated packages for:
Hardy Intrepid Jaunty Karmic Lucid Maverick All releases
Include PPAs Exclude PPAs

Note: Only updates for "head" packages where the change log is available are shown on this page (view all).

xulrunner-1.9.2 09-08 23:03 UTC
Release: karmic Repo: universe Level: updates New version: 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
Packages in group:  xulrunner-1.9.2-testsuite 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1) karmic-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 11:56:34 +0100

firefox-3.5 09-08 23:03 UTC
Release: karmic Repo: universe Level: updates New version: 3.6.9+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  abrowser abrowser-3.0 abrowser-3.0-branding abrowser-3.1 abrowser-3.1-branding abrowser-3.5 firefox-3.0 firefox-3.0-branding firefox-3.0-dom-inspector firefox-3.0-gnome-support firefox-3.0-venkman firefox-3.1 firefox-3.1-branding firefox-3.1-gnome-support firefox-dom-inspector 
firefox-3.5 (3.6.9+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  * Fix LP: #609941 - Provide a transition path from residual Firefox 2
    packages left over from Hardy
    - update debian/control
    - add debian/firefox-2.preinst

 -- Chris Coulson   Wed, 25 Aug 2010 22:59:50 +0100
609941 firefox-3.5: "package firefox 3.5.9 nobinonly-0ubuntu0.9.10.1 failed to install/upgrade: trying to overwrite '/usr/share/bug/firefox/presubj', which i

xulrunner-1.9.1 09-08 23:03 UTC
Release: karmic Repo: universe Level: updates New version: 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  xulrunner-1.9.1-testsuite xulrunner-1.9.1-testsuite-dev 
xulrunner-1.9.1 (1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v1.9.1.12 (FIREFOX_3_5_12_BUILD1)
    - see USN-975-1

  * Drop the xulrunner-dev binary, as there is a newer one provided 
    by xulrunner-1.9.2 now
    - update debian/control

 -- Chris Coulson   Thu, 26 Aug 2010 18:47:01 +0100

xulrunner-1.9.2 09-08 23:03 UTC
Release: karmic Repo: main Level: updates New version: 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
Packages in group:  xulrunner-1.9 xulrunner-1.9.2-dbg xulrunner-1.9.2-dev xulrunner-1.9.2-gnome-support xulrunner-1.9.2-testsuite xulrunner-1.9.2-testsuite-dev xulrunner-dev 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1) karmic-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 11:56:34 +0100

xulrunner-1.9.1 09-08 23:03 UTC
Release: karmic Repo: main Level: updates New version: 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  xulrunner-1.9.1-dbg xulrunner-1.9.1-dev xulrunner-1.9.1-gnome-support xulrunner-1.9.1-testsuite-dev 
xulrunner-1.9.1 (1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v1.9.1.12 (FIREFOX_3_5_12_BUILD1)
    - see USN-975-1

  * Drop the xulrunner-dev binary, as there is a newer one provided 
    by xulrunner-1.9.2 now
    - update debian/control

 -- Chris Coulson   Thu, 26 Aug 2010 18:47:01 +0100

firefox-3.5 09-08 23:03 UTC
Release: karmic Repo: main Level: updates New version: 3.6.9+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  abrowser abrowser-3.0 abrowser-3.0-branding abrowser-3.1 abrowser-3.1-branding abrowser-3.5 abrowser-3.5-branding abrowser-branding firefox firefox-2 firefox-2-dbg firefox-2-dev firefox-2-dom-inspector firefox-2-gnome-support firefox-2-libthai firefox-3.0 firefox-3.0-branding firefox-3.0-dev firefox-3.0-dom-inspector firefox-3.0-gnome-support firefox-3.0-venkman firefox-3.1 firefox-3.1-branding firefox-3.1-dbg firefox-3.1-dev firefox-3.1-gnome-support firefox-3.5-branding firefox-3.5-dbg firefox-3.5-dev firefox-3.5-gnome-support firefox-branding firefox-dbg firefox-dev firefox-dom-inspector firefox-gnome-support firefox-gnome-support-dbg 
firefox-3.5 (3.6.9+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  * Fix LP: #609941 - Provide a transition path from residual Firefox 2
    packages left over from Hardy
    - update debian/control
    - add debian/firefox-2.preinst

 -- Chris Coulson   Wed, 25 Aug 2010 22:59:50 +0100
609941 firefox-3.5: "package firefox 3.5.9 nobinonly-0ubuntu0.9.10.1 failed to install/upgrade: trying to overwrite '/usr/share/bug/firefox/presubj', which i

firefox-3.5 09-08 22:01 UTC
Release: karmic Repo: universe Level: security New version: 3.6.9+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  abrowser abrowser-3.0 abrowser-3.0-branding abrowser-3.1 abrowser-3.1-branding abrowser-3.5 firefox-3.0 firefox-3.0-branding firefox-3.0-dom-inspector firefox-3.0-gnome-support firefox-3.0-venkman firefox-3.1 firefox-3.1-branding firefox-3.1-gnome-support firefox-dom-inspector 
firefox-3.5 (3.6.9+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  * Fix LP: #609941 - Provide a transition path from residual Firefox 2
    packages left over from Hardy
    - update debian/control
    - add debian/firefox-2.preinst

 -- Chris Coulson   Wed, 25 Aug 2010 22:59:50 +0100
609941 firefox-3.5: "package firefox 3.5.9 nobinonly-0ubuntu0.9.10.1 failed to install/upgrade: trying to overwrite '/usr/share/bug/firefox/presubj', which i

xulrunner-1.9.1 09-08 22:01 UTC
Release: karmic Repo: universe Level: security New version: 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  xulrunner-1.9.1-testsuite xulrunner-1.9.1-testsuite-dev 
xulrunner-1.9.1 (1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v1.9.1.12 (FIREFOX_3_5_12_BUILD1)
    - see USN-975-1

  * Drop the xulrunner-dev binary, as there is a newer one provided 
    by xulrunner-1.9.2 now
    - update debian/control

 -- Chris Coulson   Thu, 26 Aug 2010 18:47:01 +0100

xulrunner-1.9.2 09-08 22:01 UTC
Release: karmic Repo: universe Level: security New version: 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
Packages in group:  xulrunner-1.9.2-testsuite 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1) karmic-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 11:56:34 +0100

lxr-cvs 09-08 21:02 UTC
Release: karmic Repo: universe Level: updates New version: 0.9.5+cvs20071020-1+lenny1build0.9.10.1
Packages in group:  None 
lxr-cvs (0.9.5+cvs20071020-1+lenny1build0.9.10.1) karmic-security; urgency=low

  * fake sync from Debian

 -- Kees Cook   Fri, 03 Sep 2010 14:45:53 -0700

zope-ldapuserfolder 09-08 21:02 UTC
Release: karmic Repo: universe Level: updates New version: 2.9-1+lenny1build0.9.10.1
Packages in group:  None 
zope-ldapuserfolder (2.9-1+lenny1build0.9.10.1) karmic-security; urgency=low

  * fake sync from Debian

 -- Kees Cook   Fri, 03 Sep 2010 14:37:24 -0700

xulrunner-1.9.2 09-08 21:01 UTC
Release: karmic Repo: main Level: security New version: 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1
Packages in group:  xulrunner-1.9 xulrunner-1.9.2-dbg xulrunner-1.9.2-dev xulrunner-1.9.2-gnome-support xulrunner-1.9.2-testsuite xulrunner-1.9.2-testsuite-dev xulrunner-dev 
xulrunner-1.9.2 (1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1) karmic-security; urgency=low

  * New upstream release v1.9.2.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  [ Micah Gersten  ]
  * Add patch to allow building with system NSPR less than 4.8.6
    - add debian/patches/fix_build_w_nspr_less_than_486.patch
    - update debian/series 

 -- Chris Coulson   Mon, 06 Sep 2010 11:56:34 +0100

xulrunner-1.9.1 09-08 21:01 UTC
Release: karmic Repo: main Level: security New version: 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  xulrunner-1.9.1-dbg xulrunner-1.9.1-dev xulrunner-1.9.1-gnome-support xulrunner-1.9.1-testsuite xulrunner-1.9.1-testsuite-dev 
xulrunner-1.9.1 (1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v1.9.1.12 (FIREFOX_3_5_12_BUILD1)
    - see USN-975-1

  * Drop the xulrunner-dev binary, as there is a newer one provided 
    by xulrunner-1.9.2 now
    - update debian/control

 -- Chris Coulson   Thu, 26 Aug 2010 18:47:01 +0100

firefox-3.5 09-08 21:01 UTC
Release: karmic Repo: main Level: security New version: 3.6.9+build1+nobinonly-0ubuntu0.9.10.2
Packages in group:  abrowser abrowser-3.0 abrowser-3.0-branding abrowser-3.1 abrowser-3.1-branding abrowser-3.5 abrowser-3.5-branding abrowser-branding firefox firefox-2 firefox-2-dbg firefox-2-dev firefox-2-dom-inspector firefox-2-gnome-support firefox-2-libthai firefox-3.0 firefox-3.0-branding firefox-3.0-dev firefox-3.0-dom-inspector firefox-3.0-gnome-support firefox-3.0-venkman firefox-3.1 firefox-3.1-branding firefox-3.1-dbg firefox-3.1-dev firefox-3.1-gnome-support firefox-3.5-branding firefox-3.5-dbg firefox-3.5-dev firefox-3.5-gnome-support firefox-branding firefox-dbg firefox-dev firefox-dom-inspector firefox-gnome-support firefox-gnome-support-dbg 
firefox-3.5 (3.6.9+build1+nobinonly-0ubuntu0.9.10.2) karmic-security; urgency=low

  * New upstream release v3.6.9 (FIREFOX_3_6_9_BUILD1)
    - see USN-975-1

  * Fix LP: #609941 - Provide a transition path from residual Firefox 2
    packages left over from Hardy
    - update debian/control
    - add debian/firefox-2.preinst

 -- Chris Coulson   Wed, 25 Aug 2010 22:59:50 +0100
609941 firefox-3.5: "package firefox 3.5.9 nobinonly-0ubuntu0.9.10.1 failed to install/upgrade: trying to overwrite '/usr/share/bug/firefox/presubj', which i

zope-ldapuserfolder 09-08 19:03 UTC
Release: karmic Repo: universe Level: security New version: 2.9-1+lenny1build0.9.10.1
Packages in group:  None 
zope-ldapuserfolder (2.9-1+lenny1build0.9.10.1) karmic-security; urgency=low

  * fake sync from Debian

 -- Kees Cook   Fri, 03 Sep 2010 14:37:24 -0700

lxr-cvs 09-08 19:03 UTC
Release: karmic Repo: universe Level: security New version: 0.9.5+cvs20071020-1+lenny1build0.9.10.1
Packages in group:  None 
lxr-cvs (0.9.5+cvs20071020-1+lenny1build0.9.10.1) karmic-security; urgency=low

  * fake sync from Debian

 -- Kees Cook   Fri, 03 Sep 2010 14:45:53 -0700

lftp 09-08 19:03 UTC
Release: karmic Repo: main Level: security New version: 3.7.15-1ubuntu2.1
Packages in group:  None 
lftp (3.7.15-1ubuntu2.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2251.dpatch: don't use server-provided names
      in src/{FileAccess,FileCopy,GetJob,commands,resource}.cc.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server in the Content-Disposition header. To
      re-enable previous behaviour, use the new xfer:auto-rename setting.
    - CVE-2010-2251

 -- Marc Deslauriers   Thu, 02 Sep 2010 15:34:40 -0400
CVE-2010-2251 The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination fi

lftp 09-07 21:07 UTC
Release: karmic Repo: main Level: updates New version: 3.7.15-1ubuntu2.1
Packages in group:  None 
lftp (3.7.15-1ubuntu2.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via dot file download
    - debian/patches/CVE-2010-2251.dpatch: don't use server-provided names
      in src/{FileAccess,FileCopy,GetJob,commands,resource}.cc.
    - This update changes previous behaviour by ignoring the filename
      supplied by the server in the Content-Disposition header. To
      re-enable previous behaviour, use the new xfer:auto-rename setting.
    - CVE-2010-2251

 -- Marc Deslauriers   Thu, 02 Sep 2010 15:34:40 -0400
CVE-2010-2251 The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination fi

sudo 09-07 16:08 UTC
Release: karmic Repo: universe Level: updates New version: 1.7.0-1ubuntu2.5
Packages in group:  sudo-ldap 
sudo (1.7.0-1ubuntu2.5) karmic-security; urgency=low

  * SECURITY UPDATE: privilege escalation via '-g' option when using
    'user:group' in Runas_Spec
    - update match.c to verify both user and group match sudoers when using
      '-g'. Based on patch from upstream.
    - CVE-2010-2956

 -- Jamie Strandboge   Tue, 31 Aug 2010 15:55:00 -0500
CVE-2010-2956 sudo issue

sudo 09-07 16:08 UTC
Release: karmic Repo: main Level: updates New version: 1.7.0-1ubuntu2.5
Packages in group:  None 
sudo (1.7.0-1ubuntu2.5) karmic-security; urgency=low

  * SECURITY UPDATE: privilege escalation via '-g' option when using
    'user:group' in Runas_Spec
    - update match.c to verify both user and group match sudoers when using
      '-g'. Based on patch from upstream.
    - CVE-2010-2956

 -- Jamie Strandboge   Tue, 31 Aug 2010 15:55:00 -0500
CVE-2010-2956 sudo issue


About   -   Changelog   -   Send Feedback