I've checked the changes report in the un-checkable update and it shows: "SECURITY UPDATE: possible privilege escalation via policykit UID lookup race. - dbus_backend/ls-dbus-backend: pass system-bus-name as a subject instead of pid so policykit can get the information from the system bus."
It is confirmed in the National Vulnerability Database at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1066, it links to a bug for the update, not for the package to be updated: https://launchpad.net/ubuntu/+source/language-selector/0.79.4 This information starts with this link in the "Changes" tab for the update: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-1066 (CVE-2013-1066) ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-1066 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1233374 Title: can not select language-selector-common and language-selector-gnome in Update Manager To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/language-selector/+bug/1233374/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
