UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 1303688 SRU bug-fix microrelease 2.0.8.1 in Trusty lyx
Launchpad 1284093 Please update regulations to support VHT wireless-regdb
Launchpad 1402232 Warning for \ gui-ufw
Launchpad 1402220 Not allow one interface over the same interface gui-ufw
Launchpad 1410839 Shell Command injection in ufw_backend.py gui-ufw
Launchpad 1416631 Allow import profile with English language gui-ufw
Launchpad 1412554 Migrate commands to subprocess gui-ufw
Launchpad 1462092 [SRU] Please upgrade gui-ufw to 15.04.4 gui-ufw
Launchpad 1447224 Regression: Unable to select audio or subtitle tracks totem totem
Launchpad 1257186 memory leakage messages (no talloc stackframe) samba samba
CVE CVE-2014-4002 Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_act cacti cacti
CVE CVE-2014-2327 Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users fo cacti cacti
CVE CVE-2014-5043 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed th cacti cacti
CVE CVE-2014-5026 Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web scri cacti cacti
CVE CVE-2014-5025 Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrar cacti cacti
CVE CVE-2014-5262 SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrar cacti cacti
CVE CVE-2014-5261 The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharac cacti cacti
CVE CVE-2015-4454 SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute ar cacti cacti
CVE CVE-2015-4342 SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef cacti cacti
CVE CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vector cacti cacti



About   -   Send Feedback to @ubuntu_updates