UbuntuUpdates.org

Latest Changelogs for all releases

All releases Bionic Eoan Focal Precise Trusty Xenial
Include all PPAs Exclude daily builds PPAs Exclude all PPAs
Include levels: securityupdatesproposedbackportsbase

Note: Only updates for "head" packages where the changelog is available are shown on this page (view all).

snapd 07-15 15:06 UTC
Release: bionic Repo: main Level: updates New version: 2.45.1+18.04.2
Packages in group:  golang-github-snapcore-snapd-dev golang-github-ubuntu-core-snappy-dev ubuntu-core-snapd-units

  snapd (2.45.1+18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 11:00:39 -0300


snapd 07-15 15:06 UTC
Release: bionic Repo: main Level: security New version: 2.45.1+18.04.2
Packages in group:  golang-github-snapcore-snapd-dev golang-github-ubuntu-core-snappy-dev ubuntu-core-snapd-units

  snapd (2.45.1+18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 11:00:39 -0300


snapd 07-15 15:06 UTC
Release: xenial Repo: universe Level: security New version: 2.45.1ubuntu0.2
Packages in group:  snapd-xdg-open ubuntu-snappy ubuntu-snappy-cli

  snapd (2.45.1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 10:40:52 -0300


snapd 07-15 15:06 UTC
Release: xenial Repo: main Level: updates New version: 2.45.1ubuntu0.2
Packages in group:  golang-github-snapcore-snapd-dev golang-github-ubuntu-core-snappy-dev snap-confine ubuntu-core-launcher ubuntu-core-snapd-units

  snapd (2.45.1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 10:40:52 -0300


snapd 07-15 15:06 UTC
Release: xenial Repo: main Level: security New version: 2.45.1ubuntu0.2
Packages in group:  golang-github-snapcore-snapd-dev golang-github-ubuntu-core-snappy-dev snap-confine ubuntu-core-launcher ubuntu-core-snapd-units

  snapd (2.45.1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: sandbox escape vulnerability via snapctl user-open
    (xdg-open)
    - usersession/userd/launcher.go: remove XDG_DATA_DIRS environment
      variable modification when calling the system xdg-open. Patch
      thanks to James Henstridge
    - packaging/ubuntu-16.04/snapd.postinst: kill userd on upgrade so it
      may autostart on next use. Patch thanks to Michael Vogt
    - CVE-2020-11934
    - LP: #1880085

 -- Emilia Torino <email address hidden> Fri, 10 Jul 2020 10:40:52 -0300



linux-meta-azure 07-15 10:06 UTC
Release: focal Repo: main Level: proposed New version: 5.4.0.1022.21
Packages in group:  linux-azure linux-cloud-tools-azure linux-headers-azure linux-image-azure linux-modules-extra-azure linux-tools-azure

  linux-meta-azure (5.4.0.1022.21) focal; urgency=medium

  * Bump ABI 5.4.0-1022


linux-meta 07-15 09:06 UTC
Release: bionic Repo: main Level: proposed New version: 4.15.0.112.100
Packages in group:  linux-cloud-tools-generic linux-cloud-tools-generic-hwe-16.04 linux-cloud-tools-generic-hwe-16.04-edge linux-cloud-tools-lowlatency linux-cloud-tools-lowlatency-hwe-16.04 linux-cloud-tools-lowlatency-hwe-16.04-edge linux-cloud-tools-virtual linux-cloud-tools-virtual-hwe-16.04 linux-cloud-tools-virtual-hwe-16.04-edge linux-crashdump linux-generic (... see all)

  linux-meta (4.15.0.112.100) bionic; urgency=medium

  * Bump ABI 4.15.0-112

  * Packaging resync (LP: #1786013)
    - [Packaging] resync debian/dkms-versions from main package

 -- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:28:53 -0400

1786013 Packaging resync

linux 07-15 09:06 UTC
Release: bionic Repo: main Level: proposed New version: 4.15.0-112.113
Packages in group:  linux-buildinfo-4.15.0-100-generic linux-buildinfo-4.15.0-100-lowlatency linux-buildinfo-4.15.0-101-generic linux-buildinfo-4.15.0-101-lowlatency linux-buildinfo-4.15.0-102-generic linux-buildinfo-4.15.0-102-lowlatency linux-buildinfo-4.15.0-103-generic linux-buildinfo-4.15.0-103-lowlatency linux-buildinfo-4.15.0-106-generic linux-buildinfo-4.15.0-106-lowlatency linux-buildinfo-4.15.0-107-generic (... see all)

  linux (4.15.0-112.113) bionic; urgency=medium

  * bionic/linux: 4.15.0-112.113 -proposed tracker (LP: #1887048)

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  * CVE-2020-11935
    - SAUCE: aufs: do not call i_readcount_inc()
    - SAUCE: aufs: bugfix, IMA i_readcount

  * CVE-2020-10757
    - mm: Fix mremap not considering huge pmd devmap

  * Update lockdown patches (LP: #1884159)
    - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
    - efi: Restrict efivar_ssdt_load when the kernel is locked down
    - powerpc/xmon: add read-only mode
    - powerpc/xmon: Restrict when kernel is locked down
    - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y
    - SAUCE: acpi: disallow loading configfs acpi tables when locked down

  * seccomp_bpf fails on powerpc (LP: #1885757)
    - SAUCE: selftests/seccomp: fix ptrace tests on powerpc

  * Introduce the new NVIDIA 418-server and 440-server series, and update the
    current NVIDIA drivers (LP: #1881137)
    - [packaging] add signed modules for the 418-server and the 440-server
      flavours

 -- Khalid Elmously <email address hidden> Thu, 09 Jul 2020 19:13:37 -0400

1786013 Packaging resync
1884159 Update lockdown patches
1885757 seccomp_bpf fails on powerpc
CVE-2020-10757 A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with acces

flashplugin-nonfree 07-14 23:06 UTC
Release: focal Repo: multiverse Level: updates New version: 32.0.0.403ubuntu0.20.04.1
Packages in group:  flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.20.04.1) focal-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:52:51 +0100


flashplugin-nonfree 07-14 23:06 UTC
Release: eoan Repo: multiverse Level: updates New version: 32.0.0.403ubuntu0.19.10.1
Packages in group:  flashplugin-downloader flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.19.10.1) eoan-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:53:24 +0100


flashplugin-nonfree 07-14 23:06 UTC
Release: bionic Repo: multiverse Level: updates New version: 32.0.0.403ubuntu0.18.04.1
Packages in group:  flashplugin-downloader flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.18.04.1) bionic-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:54:00 +0100


flashplugin-nonfree 07-14 23:06 UTC
Release: xenial Repo: multiverse Level: updates New version: 32.0.0.403ubuntu0.16.04.1
Packages in group:  flashplugin-downloader flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.16.04.1) xenial-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:54:30 +0100


flashplugin-nonfree 07-14 22:07 UTC
Release: focal Repo: multiverse Level: security New version: 32.0.0.403ubuntu0.20.04.1
Packages in group:  flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.20.04.1) focal-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:52:51 +0100


flashplugin-nonfree 07-14 22:07 UTC
Release: eoan Repo: multiverse Level: security New version: 32.0.0.403ubuntu0.19.10.1
Packages in group:  flashplugin-downloader flashplugin-installer

  flashplugin-nonfree (32.0.0.403ubuntu0.19.10.1) eoan-security; urgency=medium

  * New upstream release (32.0.0.403)
    - debian/flashplugin-installer.{config,postinst},
      debian/post-download-hook: Updated version and sha256sum

 -- Chris Coulson <email address hidden> Tue, 14 Jul 2020 16:53:24 +0100




About   -   Send Feedback to @ubuntu_updates