You are here

Securiy

USN-3580-1: Linux kernel vulnerabilities

Ubuntu security notices - 13 perc 17 másodperc
Ubuntu Security Notice USN-3580-1

21st February, 2018

linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS
Summary

Several security issues were fixed in the Linux kernel.

Software description
  • linux - Linux kernel
Details

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
linux-image-3.2.0-133-generic-pae 3.2.0-133.179
linux-image-generic 3.2.0.133.148
linux-image-generic-pae 3.2.0.133.148
linux-image-3.2.0-133-generic 3.2.0-133.179

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

Please note that fully mitigating CVE-2017-5715 (Spectre Variant 2)
requires corresponding processor microcode/firmware updates or,
in virtual environments, hypervisor updates. On i386 and amd64
architectures, the IBRS and IBPB features are required to enable the
kernel mitigations. Ubuntu is working with Intel and AMD to provide
future microcode updates that implement IBRS and IBPB as they are made
available. Ubuntu users with a processor from a different vendor should
contact the vendor to identify necessary firmware updates. Ubuntu
will provide corresponding QEMU updates in the future for users of
self-hosted virtual environments in coordination with upstream QEMU.
Ubuntu users in cloud environments should contact the cloud provider
to confirm that the hypervisor has been updated to expose the new
CPU features to virtual machines.

After a standard system update you need to reboot your computer to
apply the necessary changes.

References

CVE-2017-5715, CVE-2017-5753, https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

Kategóriák: Securiy

USN-3579-1: LibreOffice vulnerability

Ubuntu security notices - 3 óra 45 perc
Ubuntu Security Notice USN-3579-1

21st February, 2018

libreoffice vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

LibreOffice would allow unintended access to files over the network.

Software description
  • libreoffice - Office productivity suite
Details

It was discovered that =WEBSERVICE calls in a document could be used to
read arbitrary files. If a user were tricked in to opening a specially
crafted document, a remote attacker could exploit this to obtain sensitive
information. (CVE-2018-6871)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libreoffice-core 1:5.4.5-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial3
Ubuntu 14.04 LTS:
libreoffice-core 1:4.2.8-0ubuntu5.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart LibreOffice to make
all the necessary changes.

References

CVE-2018-6871

Kategóriák: Securiy

USN-3577-1: CUPS vulnerability

Ubuntu security notices - 2018.02.21, sze - 04:00
Ubuntu Security Notice USN-3577-1

20th February, 2018

cups vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

CUPS could be made to provide access to printers over the network.

Software description
  • cups - Common UNIX Printing System(tm)
Details

Jann Horn discovered that CUPS permitted HTTP requests with the Host
header set to "localhost.localdomain" from the loopback interface. If a
user were tricked in to opening a specially crafted website in their web
browser, an attacker could potentially exploit this to obtain sensitive
information or control printers, via a DNS rebinding attack.
(CVE-2017-18190)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 16.04 LTS:
cups 2.1.3-4ubuntu0.4
Ubuntu 14.04 LTS:
cups 1.7.2-0ubuntu1.9

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-18190

Kategóriák: Securiy

USN-3576-1: libvirt vulnerabilities

Ubuntu security notices - 2018.02.21, sze - 00:51
Ubuntu Security Notice USN-3576-1

20th February, 2018

libvirt vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in libvirt.

Software description
  • libvirt - Libvirt virtualization toolkit
Details

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt
incorrectly disabled password authentication when the VNC password was set
to an empty string. A remote attacker could possibly use this issue to
bypass authentication, contrary to expectations. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5008)

Daniel P. Berrange discovered that libvirt incorrectly handled validating
SSL/TLS certificates. A remote attacker could possibly use this issue to
obtain sensitive information. This issue only affected Ubuntu 17.10.
(CVE-2017-1000256)

Daniel P. Berrange and Peter Krempa discovered that libvirt incorrectly
handled large QEMU replies. An attacker could possibly use this issue to
cause libvirt to crash, resulting in a denial of service. (CVE-2018-5748)

Pedro Sampaio discovered that libvirt incorrectly handled the libnss_dns.so
module. An attacker in a libvirt_lxc session could possibly use this issue
to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 17.10. (CVE-2018-6764)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libvirt0 3.6.0-1ubuntu6.3
libvirt-bin 3.6.0-1ubuntu6.3
Ubuntu 16.04 LTS:
libvirt0 1.3.1-1ubuntu10.19
libvirt-bin 1.3.1-1ubuntu10.19
Ubuntu 14.04 LTS:
libvirt0 1.2.2-0ubuntu13.1.26
libvirt-bin 1.2.2-0ubuntu13.1.26

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-5008, CVE-2017-1000256, CVE-2018-5748, CVE-2018-6764

Kategóriák: Securiy

USN-3575-1: QEMU vulnerabilities

Ubuntu security notices - 2018.02.21, sze - 00:51
Ubuntu Security Notice USN-3575-1

20th February, 2018

qemu vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in QEMU.

Software description
  • qemu - Machine emulator and virtualizer
Details

It was discovered that QEMU incorrectly handled guest ram. A privileged
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 16.04 LTS. (CVE-2017-11334)

David Buchanan discovered that QEMU incorrectly handled the VGA device. A
privileged attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service. This issue was only addressed in
Ubuntu 17.10. (CVE-2017-13672)

Thomas Garnier discovered that QEMU incorrectly handled multiboot. An
attacker could use this issue to cause QEMU to crash, resulting in a denial
of service, or possibly execute arbitrary code on the host. In the default
installation, when QEMU is used with libvirt, attackers would be isolated
by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 16.04 LTS. (CVE-2017-14167)

Tuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory
sharing. An attacker could use this issue to obtain sensitive information
from host memory. (CVE-2017-15038)

Eric Blake discovered that QEMU incorrectly handled memory in the
NBD server. An attacker could use this issue to cause the NBD server to
crash, resulting in a denial of service. This issue only affected Ubuntu
17.10. (CVE-2017-15118)

Eric Blake discovered that QEMU incorrectly handled certain options to the
NBD server. An attacker could use this issue to cause the NBD server to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119)

Daniel Berrange discovered that QEMU incorrectly handled the VNC server. A
remote attacker could possibly use this issue to consume memory, resulting
in a denial of service. This issue was only addressed in Ubuntu 17.10.
(CVE-2017-15124)

Carl Brassey discovered that QEMU incorrectly handled certain websockets. A
remote attacker could possibly use this issue to consume memory, resulting
in a denial of service. This issue only affected Ubuntu 17.10.
(CVE-2017-15268)

Guoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA
device. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2017-15289)

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values
during migration. An attacker could possibly use this issue to cause QEMU
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10.
(CVE-2017-16845)

It was discovered that QEMU incorrectly handled the Virtio Vring
implementation. An attacker could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 17.10. (CVE-2017-17381)

Eric Blake discovered that QEMU incorrectly handled certain rounding
operations. An attacker could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-18043)

Jiang Xin and Lin ZheCheng discovered that QEMU incorrectly handled the
VGA device. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2018-5683)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
qemu-system-s390x 1:2.10+dfsg-0ubuntu3.5
qemu-system-misc 1:2.10+dfsg-0ubuntu3.5
qemu-system 1:2.10+dfsg-0ubuntu3.5
qemu-system-aarch64 1:2.10+dfsg-0ubuntu3.5
qemu-system-x86 1:2.10+dfsg-0ubuntu3.5
qemu-system-sparc 1:2.10+dfsg-0ubuntu3.5
qemu-system-arm 1:2.10+dfsg-0ubuntu3.5
qemu-system-ppc 1:2.10+dfsg-0ubuntu3.5
qemu-system-mips 1:2.10+dfsg-0ubuntu3.5
Ubuntu 16.04 LTS:
qemu-system-s390x 1:2.5+dfsg-5ubuntu10.22
qemu-system-misc 1:2.5+dfsg-5ubuntu10.22
qemu-system 1:2.5+dfsg-5ubuntu10.22
qemu-system-aarch64 1:2.5+dfsg-5ubuntu10.22
qemu-system-x86 1:2.5+dfsg-5ubuntu10.22
qemu-system-sparc 1:2.5+dfsg-5ubuntu10.22
qemu-system-arm 1:2.5+dfsg-5ubuntu10.22
qemu-system-ppc 1:2.5+dfsg-5ubuntu10.22
qemu-system-mips 1:2.5+dfsg-5ubuntu10.22
Ubuntu 14.04 LTS:
qemu-system-misc 2.0.0+dfsg-2ubuntu1.39
qemu-system 2.0.0+dfsg-2ubuntu1.39
qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.39
qemu-system-x86 2.0.0+dfsg-2ubuntu1.39
qemu-system-sparc 2.0.0+dfsg-2ubuntu1.39
qemu-system-arm 2.0.0+dfsg-2ubuntu1.39
qemu-system-ppc 2.0.0+dfsg-2ubuntu1.39
qemu-system-mips 2.0.0+dfsg-2ubuntu1.39

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.

References

CVE-2017-11334, CVE-2017-13672, CVE-2017-14167, CVE-2017-15038, CVE-2017-15118, CVE-2017-15119, CVE-2017-15124, CVE-2017-15268, CVE-2017-15289, CVE-2017-16845, CVE-2017-17381, CVE-2017-18043, CVE-2018-5683

Kategóriák: Securiy

USN-3574-1: Bind vulnerability

Ubuntu security notices - 2018.02.19, h - 23:39
Ubuntu Security Notice USN-3574-1

19th February, 2018

bind9 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.04 LTS
Summary

Bind could be made to crash if it received specially crafted network traffic.

Software description
  • bind9 - Internet Domain Name Server
Details

It was discovered that Bind incorrectly handled DNSSEC
validation. An attacker could possibly use this to cause a denial
of service.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 12.04 LTS:
bind9 1:9.8.1.dfsg.P1-4ubuntu0.25

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2018-5735

Kategóriák: Securiy

USN-3573-1: Quagga vulnerabilities

Ubuntu security notices - 2018.02.16, p - 04:20
Ubuntu Security Notice USN-3573-1

15th February, 2018

quagga vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in Quagga.

Software description
  • quagga - BGP/OSPF/RIP routing daemon
Details

It was discovered that a double-free vulnerability existed in the
Quagga BGP daemon when processing certain forms of UPDATE message.
A remote attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2018-5379)

It was discovered that the Quagga BGP daemon did not properly bounds
check the data sent with a NOTIFY to a peer. An attacker could use this
to expose sensitive information or possibly cause a denial of service.
This issue only affected Ubuntu 17.10. (CVE-2018-5378)

It was discovered that a table overrun vulnerability existed in the
Quagga BGP daemon. An attacker in control of a configured peer could
use this to possibly expose sensitive information or possibly cause
a denial of service. (CVE-2018-5380)

It was discovered that the Quagga BGP daemon in some configurations
did not properly handle invalid OPEN messages. An attacker in control
of a configured peer could use this to cause a denial of service
(infinite loop). (CVE-2018-5381)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
quagga 1.1.1-3ubuntu0.2
quagga-bgpd 1.1.1-3ubuntu0.2
Ubuntu 16.04 LTS:
quagga 0.99.24.1-2ubuntu1.4
Ubuntu 14.04 LTS:
quagga 0.99.22.4-3ubuntu1.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Quagga to make
all the necessary changes.

References

CVE-2018-5378, CVE-2018-5379, CVE-2018-5380, CVE-2018-5381

Kategóriák: Securiy

USN-3572-1: FreeType vulnerability

Ubuntu security notices - 2018.02.14, sze - 22:50
Ubuntu Security Notice USN-3572-1

14th February, 2018

freetype vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
Summary

FreeType could be made to crash if it opened a specially crafted file.

Software description
  • freetype - FreeType 2 is a font engine library
Details

It was discovered that FreeType incorrectly handled certain files.
An attacker could possibly use this to cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libfreetype6 2.8-0.2ubuntu2.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make
all the necessary changes.

References

CVE-2018-6942

Kategóriák: Securiy

USN-3571-1: Erlang vulnerabilities

Ubuntu security notices - 2018.02.14, sze - 19:16
Ubuntu Security Notice USN-3571-1

14th February, 2018

erlang vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in Erlang.

Software description
  • erlang - Concurrent, real-time, distributed functional language
Details

It was discovered that the Erlang FTP module incorrectly handled certain
CRLF sequences. A remote attacker could possibly use this issue to inject
arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-1693)

It was discovered that Erlang incorrectly checked CBC padding bytes. A
remote attacker could possibly use this issue to perform a padding oracle
attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-2774)

It was discovered that Erlang incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause
Erlang to crash, resulting in a denial of service, or execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10253)

Hanno Böck, Juraj Somorovsky and Craig Young discovered that the Erlang
otp TLS server incorrectly handled error reporting. A remote attacker could
possibly use this issue to perform a variation of the Bleichenbacher attack
and decrypt traffic or sign messages. (CVE-2017-1000385)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
erlang 1:20.0.4+dfsg-1ubuntu1.1
Ubuntu 16.04 LTS:
erlang 1:18.3-dfsg-1ubuntu3.1
Ubuntu 14.04 LTS:
erlang 1:16.b.3-dfsg-1ubuntu2.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2014-1693, CVE-2015-2774, CVE-2016-10253, CVE-2017-1000385

Kategóriák: Securiy

USN-3570-1: AdvanceCOMP vulnerability

Ubuntu security notices - 2018.02.14, sze - 19:16
Ubuntu Security Notice USN-3570-1

14th February, 2018

advancecomp vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

AdvanceCOMP could be made to crash or run programs if it opened a specially crafted file.

Software description
  • advancecomp - collection of recompression utilities
Details

Joonun Jang discovered that AdvanceCOMP incorrectly handled certain
malformed zip files. If a user or automated system were tricked into
processing a specially crafted zip file, a remote attacker could cause
AdvanceCOMP to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
advancecomp 2.0-1ubuntu0.1
Ubuntu 16.04 LTS:
advancecomp 1.20-1ubuntu0.1
Ubuntu 14.04 LTS:
advancecomp 1.18-1ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2018-1056

Kategóriák: Securiy

USN-3569-1: libvorbis vulnerabilities

Ubuntu security notices - 2018.02.13, k - 23:11
Ubuntu Security Notice USN-3569-1

13th February, 2018

libvorbis vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in libvorbis.

Software description
  • libvorbis - The Vorbis General Audio Compression Codec
Details

It was discovered that libvorbis incorrectly handled certain sound files.
An attacker could possibly use this to execute arbitrary code.
(CVE-2017-14632)

It was discovered that libvorbis incorrectly handled certain sound files.
An attacker could use this to cause a denial of service.
(CVE-2017-14633)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libvorbis0a 1.3.5-4ubuntu0.1
Ubuntu 16.04 LTS:
libvorbis0a 1.3.5-3ubuntu0.1
Ubuntu 14.04 LTS:
libvorbis0a 1.3.2-1.3ubuntu1.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to restart any applications that
use libvorbis, such as Totem and gtkpod, to effect the necessary changes.

References

CVE-2017-14632, CVE-2017-14633

Kategóriák: Securiy

USN-3544-2: Firefox regressions

Ubuntu security notices - 2018.02.13, k - 04:13
Ubuntu Security Notice USN-3544-2

12th February, 2018

firefox regressions

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

USN-3544-1 caused some regressions in Firefox.

Software description
  • firefox - Mozilla Open Source web browser
Details

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web
compatibility regression and a tab crash during printing in some
circumstances. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via application
crash, spoof the origin in audio capture prompts, trick the user in to
providing HTTP credentials for another origin, spoof the addressbar
contents, or execute arbitrary code. (CVE-2018-5089, CVE-2018-5090,
CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095,
CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101,
CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5109, CVE-2018-5114,
CVE-2018-5115, CVE-2018-5117, CVE-2018-5122)

Multiple security issues were discovered in WebExtensions. If a user were
tricked in to installing a specially crafted extension, an attacker could
potentially exploit these to gain additional privileges, bypass
same-origin restrictions, or execute arbitrary code. (CVE-2018-5105,
CVE-2018-5113, CVE-2018-5116)

A security issue was discovered with the developer tools. If a user were
tricked in to opening a specially crafted website with the developer tools
open, an attacker could potentially exploit this to obtain sensitive
information from other origins. (CVE-2018-5106)

A security issue was discovered with printing. An attacker could
potentially exploit this to obtain sensitive information from local files.
(CVE-2018-5107)

It was discovered that manually entered blob URLs could be accessed by
subsequent private browsing tabs. If a user were tricked in to entering
a blob URL, an attacker could potentially exploit this to obtain sensitive
information from a private browsing context. (CVE-2018-5108)

It was discovered that dragging certain specially formatted URLs to the
addressbar could cause the wrong URL to be displayed. If a user were
tricked in to opening a specially crafted website and dragging a URL to
the addressbar, an attacker could potentially exploit this to spoof the
addressbar contents. (CVE-2018-5111)

It was discovered that WebExtension developer tools panels could open
non-relative URLs. If a user were tricked in to installing a specially
crafted extension and running the developer tools, an attacker could
potentially exploit this to gain additional privileges. (CVE-2018-5112)

It was discovered that ActivityStream images can attempt to load local
content through file: URLs. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this in
combination with another vulnerability that allowed sandbox protections to
be bypassed, in order to obtain sensitive information from local files.
(CVE-2018-5118)

It was discovered that the reader view will load cross-origin content in
violation of CORS headers. An attacker could exploit this to bypass CORS
restrictions. (CVE-2018-5119)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
firefox 58.0.2+build1-0ubuntu0.17.10.1
Ubuntu 16.04 LTS:
firefox 58.0.2+build1-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
firefox 58.0.2+build1-0ubuntu0.14.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

LP: 1749025

Kategóriák: Securiy

USN-3568-1: WavPack vulnerabilities

Ubuntu security notices - 2018.02.13, k - 00:53
Ubuntu Security Notice USN-3568-1

12th February, 2018

wavpack vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

WavPack could be made to crash if it opened a specially crafted file.

Software description
  • wavpack - audio codec (lossy and lossless) - encoder and decoder
Details

Hanno Böck discovered that WavPack incorrectly handled certain
WV files. An attacker could possibly use this to cause a denial
of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2016-10169)

Joonun Jang discovered that WavPack incorrectly handled certain
RF64 files. An attacker could possibly use this to cause a denial
of service. This issue only affected Ubuntu 17.10. (CVE-2018-6767)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libwavpack1 5.1.0-2ubuntu0.1
wavpack 5.1.0-2ubuntu0.1
Ubuntu 16.04 LTS:
libwavpack1 4.75.2-2ubuntu0.1
wavpack 4.75.2-2ubuntu0.1
Ubuntu 14.04 LTS:
libwavpack1 4.70.0-1ubuntu0.1
wavpack 4.70.0-1ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-10169, CVE-2018-6767

Kategóriák: Securiy

USN-3567-1: Puppet vulnerability

Ubuntu security notices - 2018.02.12, h - 18:35
Ubuntu Security Notice USN-3567-1

12th February, 2018

puppet vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS
Summary

Puppet could be made to crash or run programs.

Software description
  • puppet - Centralized configuration management
Details

It was discovered that Puppet incorrectly handled permissions when
unpacking certain tarballs. A local user could possibly use this issue to
execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 14.04 LTS:
puppet-common 3.4.3-1ubuntu1.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-10689

Kategóriák: Securiy

USN-3566-1: PHP vulnerabilities

Ubuntu security notices - 2018.02.12, h - 18:35
Ubuntu Security Notice USN-3566-1

12th February, 2018

php5 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 LTS
Summary

Several security issues were fixed in PHP.

Software description
  • php5 - HTML-embedded scripting language interpreter
Details

It was discovered that PHP incorrectly handled the PHAR 404 error page. A
remote attacker could possibly use this issue to conduct cross-site
scripting (XSS) attacks. (CVE-2018-5712)

It was discovered that PHP incorrectly handled memory when unserializing
certain data. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-12933)

It was discovered that PHP incorrectly handled 'front of' and 'back of'
date directives. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2017-16642)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 14.04 LTS:
php5-cli 5.5.9+dfsg-1ubuntu4.23
php5-cgi 5.5.9+dfsg-1ubuntu4.23
libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.23
php5-fpm 5.5.9+dfsg-1ubuntu4.23

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-12933, CVE-2017-16642, CVE-2018-5712

Kategóriák: Securiy

USN-3565-1: Exim vulnerability

Ubuntu security notices - 2018.02.12, h - 18:35
Ubuntu Security Notice USN-3565-1

12th February, 2018

exim4 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Exim could be made to crash or run programs if it received specially crafted network traffic.

Software description
  • exim4 - Exim is a mail transport agent
Details

Meh Chang discovered that Exim incorrectly handled memory in certain
decoding operations. A remote attacker could use this issue to cause Exim
to crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
exim4-daemon-heavy 4.89-5ubuntu1.3
exim4-daemon-light 4.89-5ubuntu1.3
Ubuntu 16.04 LTS:
exim4-daemon-heavy 4.86.2-2ubuntu2.3
exim4-daemon-light 4.86.2-2ubuntu2.3
Ubuntu 14.04 LTS:
exim4-daemon-heavy 4.82-3ubuntu2.4
exim4-daemon-light 4.82-3ubuntu2.4

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2018-6789

Kategóriák: Securiy

USN-3564-1: PostgreSQL vulnerability

Ubuntu security notices - 2018.02.09, p - 18:51
Ubuntu Security Notice USN-3564-1

9th February, 2018

postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

PostgreSQL could be made to expose sensitive information.

Software description
  • postgresql-9.3 - Object-relational SQL database
  • postgresql-9.5 - Object-relational SQL database
  • postgresql-9.6 - Object-relational SQL database
Details

It was discovered that PostgreSQL incorrectly handled certain temp files.
An attacker could possibly use this to access sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
postgresql-9.6 9.6.7-0ubuntu0.17.10
Ubuntu 16.04 LTS:
postgresql-9.5 9.5.11-0ubuntu0.16.04
Ubuntu 14.04 LTS:
postgresql-9.3 9.3.21-0ubuntu0.14.04

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.

References

CVE-2018-1053

Kategóriák: Securiy

USN-3563-1: Mailman vulnerability

Ubuntu security notices - 2018.02.08, cs - 22:34
Ubuntu Security Notice USN-3563-1

8th February, 2018

mailman vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Mailman could be made to run arbitrary code.

Software description
  • mailman - Powerful, web-based mailing list manager
Details

It was discovered that Mailman incorrectly handled certain web scripts.
An attacker could possibly use this to inject arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
mailman 1:2.1.23-1ubuntu0.2
Ubuntu 16.04 LTS:
mailman 1:2.1.20-1ubuntu0.3
Ubuntu 14.04 LTS:
mailman 1:2.1.16-2ubuntu0.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2018-5950

Kategóriák: Securiy

USN-3562-1: MiniUPnP vulnerabilities

Ubuntu security notices - 2018.02.08, cs - 00:20
Ubuntu Security Notice USN-3562-1

7th February, 2018

miniupnpc vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

MiniUPnP could be made to crash or run programs if it received specially crafted network traffic.

Software description
  • miniupnpc - UPnP IGD client lightweight library
Details

It was discovered that MiniUPnP incorrectly handled memory. A remote
attacker could use this issue to cause a denial of service or possibly
execute arbitrary code with privileges of the user running an application
that uses the MiniUPnP library.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libminiupnpc10 1.9.20140610-4ubuntu1.1
Ubuntu 16.04 LTS:
libminiupnpc10 1.9.20140610-2ubuntu2.16.04.2
Ubuntu 14.04 LTS:
libminiupnpc8 1.6-3ubuntu2.14.04.4

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-1000494

Kategóriák: Securiy

USN-3561-1: libvirt update

Ubuntu security notices - 2018.02.07, sze - 21:16
Ubuntu Security Notice USN-3561-1

7th February, 2018

libvirt update

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
Summary

Spectre mitigations were added to libvirt.

Software description
  • libvirt - Libvirt virtualization toolkit
Details

It was discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. An attacker in the guest could use
this to expose sensitive guest information, including kernel memory.

This update allows libvirt to expose new CPU features added by microcode
updates to guests. On amd64 and i386, new CPU models that match the updated
microcode features were added with an -IBRS suffix. Certain environments
will require guests to be switched manually to the new CPU models after
microcode updates have been applied to the host.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
libvirt0 3.6.0-1ubuntu6.2
libvirt-bin 3.6.0-1ubuntu6.2
Ubuntu 16.04 LTS:
libvirt0 1.3.1-1ubuntu10.17
libvirt-bin 1.3.1-1ubuntu10.17
Ubuntu 14.04 LTS:
libvirt0 1.2.2-0ubuntu13.1.25
libvirt-bin 1.2.2-0ubuntu13.1.25

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-5715

Kategóriák: Securiy

Oldalak

Subscribe to Informatikai megoldások hírolvasó - Securiy