UbuntuSecurity

Subscribe to UbuntuSecurity feed
Updated: 22 min 11 sec ago

USN-4128-2: Tomcat vulnerabilities

Wed, 18/09/2019 - 17:08
tomcat9 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in Tomcat 9.

Software Description
  • tomcat9 - Servlet and JSP engine
Details

It was discovered that the Tomcat 9 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. (CVE-2019-0221)

It was discovered that Tomcat 9 did not address HTTP/2 connection window exhaustion on write while addressing CVE-2019-0199. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-10072)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
libtomcat9-java - 9.0.16-3ubuntu0.19.04.1
tomcat9 - 9.0.16-3ubuntu0.19.04.1
Ubuntu 18.04 LTS
libtomcat9-java - 9.0.16-3ubuntu0.18.04.1
tomcat9 - 9.0.16-3ubuntu0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4136-2: wpa_supplicant and hostapd vulnerability

Wed, 18/09/2019 - 17:04
wpa, wpasupplicant vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame.

Software Description
  • wpa - client support for WPA and WPA2
  • wpasupplicant - client support for WPA and WPA2
Details

USN-4136-1 fixed a vulnerability in wpa_supplicant. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
hostapd - 1:2.1-0ubuntu1.7+esm2
wpasupplicant - 2.1-0ubuntu1.7+esm2
Ubuntu 12.04 ESM
wpasupplicant - 0.7.3-6ubuntu2.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4136-1: wpa_supplicant vulnerability

Wed, 18/09/2019 - 15:40
wpa vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

wpa_supplicant could be made to be disconnected and require reconnection to the network if it received a specially crafted management frame.

Software Description
  • wpa - client support for WPA and WPA2
Details

It was discovered that wpa_supplicant incorrectly handled certain management frames. An attacker could possibly use this issue to cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
hostapd - 2:2.6-21ubuntu3.3
wpasupplicant - 2:2.6-21ubuntu3.3
Ubuntu 18.04 LTS
hostapd - 2:2.6-15ubuntu2.5
wpasupplicant - 2:2.6-15ubuntu2.5
Ubuntu 16.04 LTS
hostapd - 1:2.4-0ubuntu6.6
wpasupplicant - 2.4-0ubuntu6.6

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4135-2: Linux kernel vulnerabilities

Wed, 18/09/2019 - 13:27
linux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

Several security issues were fixed in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
  • linux-lts-trusty - Linux hardware enablement kernel from Trusty for Precise ESM
Details

Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)

It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)

It was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
linux-image-3.13.0-173-generic - 3.13.0-173.224
linux-image-3.13.0-173-generic-lpae - 3.13.0-173.224
linux-image-3.13.0-173-lowlatency - 3.13.0-173.224
linux-image-3.13.0-173-powerpc-e500 - 3.13.0-173.224
linux-image-3.13.0-173-powerpc-e500mc - 3.13.0-173.224
linux-image-3.13.0-173-powerpc-smp - 3.13.0-173.224
linux-image-3.13.0-173-powerpc64-emb - 3.13.0-173.224
linux-image-3.13.0-173-powerpc64-smp - 3.13.0-173.224
linux-image-4.15.0-1059-azure - 4.15.0-1059.64~14.04.1
linux-image-4.4.0-1054-aws - 4.4.0-1054.58
linux-image-4.4.0-164-generic - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-generic-lpae - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-lowlatency - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-powerpc-e500mc - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-powerpc-smp - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-powerpc64-emb - 4.4.0-164.192~14.04.1
linux-image-4.4.0-164-powerpc64-smp - 4.4.0-164.192~14.04.1
linux-image-aws - 4.4.0.1054.55
linux-image-azure - 4.15.0.1059.45
linux-image-generic - 3.13.0.173.184
linux-image-generic-lpae - 3.13.0.173.184
linux-image-generic-lpae-lts-xenial - 4.4.0.164.143
linux-image-generic-lts-xenial - 4.4.0.164.143
linux-image-lowlatency - 3.13.0.173.184
linux-image-lowlatency-lts-xenial - 4.4.0.164.143
linux-image-powerpc-e500 - 3.13.0.173.184
linux-image-powerpc-e500mc - 3.13.0.173.184
linux-image-powerpc-e500mc-lts-xenial - 4.4.0.164.143
linux-image-powerpc-smp - 3.13.0.173.184
linux-image-powerpc-smp-lts-xenial - 4.4.0.164.143
linux-image-powerpc64-emb - 3.13.0.173.184
linux-image-powerpc64-emb-lts-xenial - 4.4.0.164.143
linux-image-powerpc64-smp - 3.13.0.173.184
linux-image-powerpc64-smp-lts-xenial - 4.4.0.164.143
linux-image-server - 3.13.0.173.184
linux-image-virtual - 3.13.0.173.184
linux-image-virtual-lts-xenial - 4.4.0.164.143
Ubuntu 12.04 ESM
linux-image-3.13.0-173-generic - 3.13.0-173.224~12.04.1
linux-image-3.13.0-173-generic-lpae - 3.13.0-173.224~12.04.1
linux-image-3.13.0-173-lowlatency - 3.13.0-173.224~12.04.1
linux-image-3.2.0-143-generic - 3.2.0-143.190
linux-image-3.2.0-143-generic-pae - 3.2.0-143.190
linux-image-3.2.0-143-highbank - 3.2.0-143.190
linux-image-3.2.0-143-omap - 3.2.0-143.190
linux-image-3.2.0-143-powerpc-smp - 3.2.0-143.190
linux-image-3.2.0-143-powerpc64-smp - 3.2.0-143.190
linux-image-3.2.0-143-virtual - 3.2.0-143.190
linux-image-generic - 3.2.0.143.158
linux-image-generic-lpae-lts-trusty - 3.13.0.173.161
linux-image-generic-lts-trusty - 3.13.0.173.161
linux-image-generic-pae - 3.2.0.143.158
linux-image-highbank - 3.2.0.143.158
linux-image-omap - 3.2.0.143.158
linux-image-powerpc - 3.2.0.143.158
linux-image-powerpc-smp - 3.2.0.143.158
linux-image-powerpc64-smp - 3.2.0.143.158
linux-image-server - 3.2.0.143.158
linux-image-virtual - 3.2.0.143.158

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

USN-4135-1: Linux kernel vulnerabilities

Wed, 18/09/2019 - 13:10
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-raspi2 - Linux kernel for Raspberry Pi 2
  • linux-snapdragon - Linux kernel for Snapdragon processors
  • linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-gke-5.0 - Linux kernel for Google Container Engine (GKE) systems
  • linux-hwe - Linux hardware enablement (HWE) kernel
  • linux-oem - Linux kernel for OEM processors
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
Details

Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835)

It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)

It was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
linux-image-5.0.0-1016-aws - 5.0.0-1016.18
linux-image-5.0.0-1017-gcp - 5.0.0-1017.17
linux-image-5.0.0-1017-kvm - 5.0.0-1017.18
linux-image-5.0.0-1017-raspi2 - 5.0.0-1017.17
linux-image-5.0.0-1020-azure - 5.0.0-1020.21
linux-image-5.0.0-1021-snapdragon - 5.0.0-1021.22
linux-image-5.0.0-29-generic - 5.0.0-29.31
linux-image-5.0.0-29-generic-lpae - 5.0.0-29.31
linux-image-5.0.0-29-lowlatency - 5.0.0-29.31
linux-image-aws - 5.0.0.1016.17
linux-image-azure - 5.0.0.1020.19
linux-image-gcp - 5.0.0.1017.43
linux-image-generic - 5.0.0.29.30
linux-image-generic-lpae - 5.0.0.29.30
linux-image-gke - 5.0.0.1017.43
linux-image-kvm - 5.0.0.1017.17
linux-image-lowlatency - 5.0.0.29.30
linux-image-raspi2 - 5.0.0.1017.14
linux-image-snapdragon - 5.0.0.1021.14
linux-image-virtual - 5.0.0.29.30
Ubuntu 18.04 LTS
linux-image-4.15.0-1025-oracle - 4.15.0-1025.28
linux-image-4.15.0-1044-gcp - 4.15.0-1044.70
linux-image-4.15.0-1044-gke - 4.15.0-1044.46
linux-image-4.15.0-1046-kvm - 4.15.0-1046.46
linux-image-4.15.0-1047-raspi2 - 4.15.0-1047.51
linux-image-4.15.0-1050-aws - 4.15.0-1050.52
linux-image-4.15.0-1056-oem - 4.15.0-1056.65
linux-image-4.15.0-1064-snapdragon - 4.15.0-1064.71
linux-image-4.15.0-64-generic - 4.15.0-64.73
linux-image-4.15.0-64-generic-lpae - 4.15.0-64.73
linux-image-4.15.0-64-lowlatency - 4.15.0-64.73
linux-image-5.0.0-1017-gke - 5.0.0-1017.17~18.04.1
linux-image-5.0.0-1020-azure - 5.0.0-1020.21~18.04.1
linux-image-5.0.0-29-generic - 5.0.0-29.31~18.04.1
linux-image-5.0.0-29-generic-lpae - 5.0.0-29.31~18.04.1
linux-image-5.0.0-29-lowlatency - 5.0.0-29.31~18.04.1
linux-image-aws - 4.15.0.1050.49
linux-image-azure - 5.0.0.1020.30
linux-image-gcp - 4.15.0.1044.70
linux-image-generic - 4.15.0.64.66
linux-image-generic-hwe-18.04 - 5.0.0.29.86
linux-image-generic-lpae - 4.15.0.64.66
linux-image-generic-lpae-hwe-18.04 - 5.0.0.29.86
linux-image-gke - 4.15.0.1044.47
linux-image-gke-4.15 - 4.15.0.1044.47
linux-image-gke-5.0 - 5.0.0.1017.7
linux-image-kvm - 4.15.0.1046.46
linux-image-lowlatency - 4.15.0.64.66
linux-image-lowlatency-hwe-18.04 - 5.0.0.29.86
linux-image-oem - 4.15.0.1056.60
linux-image-oracle - 4.15.0.1025.28
linux-image-powerpc-e500mc - 4.15.0.64.66
linux-image-powerpc-smp - 4.15.0.64.66
linux-image-powerpc64-emb - 4.15.0.64.66
linux-image-powerpc64-smp - 4.15.0.64.66
linux-image-raspi2 - 4.15.0.1047.45
linux-image-snapdragon - 4.15.0.1064.67
linux-image-snapdragon-hwe-18.04 - 5.0.0.29.86
linux-image-virtual - 4.15.0.64.66
linux-image-virtual-hwe-18.04 - 5.0.0.29.86
Ubuntu 16.04 LTS
linux-image-4.15.0-1025-oracle - 4.15.0-1025.28~16.04.1
linux-image-4.15.0-1044-gcp - 4.15.0-1044.46
linux-image-4.15.0-1050-aws - 4.15.0-1050.52~16.04.1
linux-image-4.15.0-1059-azure - 4.15.0-1059.64
linux-image-4.15.0-64-generic - 4.15.0-64.73~16.04.1
linux-image-4.15.0-64-generic-lpae - 4.15.0-64.73~16.04.1
linux-image-4.15.0-64-lowlatency - 4.15.0-64.73~16.04.1
linux-image-4.4.0-1058-kvm - 4.4.0-1058.65
linux-image-4.4.0-1094-aws - 4.4.0-1094.105
linux-image-4.4.0-1122-raspi2 - 4.4.0-1122.131
linux-image-4.4.0-1126-snapdragon - 4.4.0-1126.132
linux-image-4.4.0-164-generic - 4.4.0-164.192
linux-image-4.4.0-164-generic-lpae - 4.4.0-164.192
linux-image-4.4.0-164-lowlatency - 4.4.0-164.192
linux-image-4.4.0-164-powerpc-e500mc - 4.4.0-164.192
linux-image-4.4.0-164-powerpc-smp - 4.4.0-164.192
linux-image-4.4.0-164-powerpc64-emb - 4.4.0-164.192
linux-image-4.4.0-164-powerpc64-smp - 4.4.0-164.192
linux-image-aws - 4.4.0.1094.98
linux-image-aws-hwe - 4.15.0.1050.50
linux-image-azure - 4.15.0.1059.62
linux-image-gcp - 4.15.0.1044.58
linux-image-generic - 4.4.0.164.172
linux-image-generic-hwe-16.04 - 4.15.0.64.84
linux-image-generic-lpae - 4.4.0.164.172
linux-image-generic-lpae-hwe-16.04 - 4.15.0.64.84
linux-image-gke - 4.15.0.1044.58
linux-image-kvm - 4.4.0.1058.58
linux-image-lowlatency - 4.4.0.164.172
linux-image-lowlatency-hwe-16.04 - 4.15.0.64.84
linux-image-oem - 4.15.0.64.84
linux-image-oracle - 4.15.0.1025.18
linux-image-powerpc-e500mc - 4.4.0.164.172
linux-image-powerpc-smp - 4.4.0.164.172
linux-image-powerpc64-emb - 4.4.0.164.172
linux-image-powerpc64-smp - 4.4.0.164.172
linux-image-raspi2 - 4.4.0.1122.122
linux-image-snapdragon - 4.4.0.1126.118
linux-image-virtual - 4.4.0.164.172
linux-image-virtual-hwe-16.04 - 4.15.0.64.84

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

USN-4113-2: Apache HTTP Server regression

Tue, 17/09/2019 - 15:24
apache2 regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

USN-4113-1 introduced a regression in Apache.

Software Description
  • apache2 - Apache HTTP server
Details

USN-4113-1 fixed vulnerabilities in the Apache HTTP server. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Stefan Eissing discovered that the HTTP/2 implementation in Apache did not properly handle upgrade requests from HTTP/1.1 to HTTP/2 in some situations. A remote attacker could use this to cause a denial of service (daemon crash). This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-0197)

Craig Young discovered that a memory overwrite error existed in Apache when performing HTTP/2 very early pushes in some situations. A remote attacker could use this to cause a denial of service (daemon crash). This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-10081)

Craig Young discovered that a read-after-free error existed in the HTTP/2 implementation in Apache during connection shutdown. A remote attacker could use this to possibly cause a denial of service (daemon crash) or possibly expose sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-10082)

Matei Badanoiu discovered that the mod_proxy component of Apache did not properly filter URLs when reporting errors in some configurations. A remote attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks. (CVE-2019-10092)

Daniel McCarney discovered that mod_remoteip component of Apache contained a stack buffer overflow when parsing headers from a trusted intermediary proxy in some situations. A remote attacker controlling a trusted proxy could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. (CVE-2019-10097)

Yukitsugu Sasaki discovered that the mod_rewrite component in Apache was vulnerable to open redirects in some situations. A remote attacker could use this to possibly expose sensitive information or bypass intended restrictions. (CVE-2019-10098)

Jonathan Looney discovered that the HTTP/2 implementation in Apache did not properly limit the amount of buffering for client connections in some situations. A remote attacker could use this to cause a denial of service (unresponsive daemon). This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.04. (CVE-2019-9517)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
apache2 - 2.4.38-2ubuntu2.3
apache2-bin - 2.4.38-2ubuntu2.3
Ubuntu 18.04 LTS
apache2 - 2.4.29-1ubuntu4.11
apache2-bin - 2.4.29-1ubuntu4.11
Ubuntu 16.04 LTS
apache2 - 2.4.18-2ubuntu3.13
apache2-bin - 2.4.18-2ubuntu3.13

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4124-2: Exim vulnerability

Mon, 16/09/2019 - 16:03
exim4 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
Summary

Exim could be made to run programs as an administrator if it received specially crafted network traffic.

Software Description
  • exim4 - Exim is a mail transport agent
Details

USN-4124-1 fixed a vulnerability in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
exim4-daemon-heavy - 4.82-3ubuntu2.4+esm1
exim4-daemon-light - 4.82-3ubuntu2.4+esm1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4134-1: IBus vulnerability

Mon, 16/09/2019 - 15:08
ibus vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

IBus would allow local users to capture key strokes of other locally logged in users.

Software Description
  • ibus - Intelligent Input Bus - core
Details

Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
ibus - 1.5.19-1ubuntu2.1
Ubuntu 18.04 LTS
ibus - 1.5.17-3ubuntu5.1
Ubuntu 16.04 LTS
ibus - 1.5.11-1ubuntu2.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4133-1: Wireshark vulnerabilities

Mon, 16/09/2019 - 07:42
Wireshark vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Wireshark could be made to crash if it received specially crafted network traffic or input files.

Software Description
  • wireshark - network traffic analyzer
Details

It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malformed packets onto the wire or convincing someone to read a malformed packet trace file.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
libwireshark-data - 2.6.10-1~ubuntu19.04.0
libwireshark11 - 2.6.10-1~ubuntu19.04.0
libwiretap8 - 2.6.10-1~ubuntu19.04.0
libwscodecs2 - 2.6.10-1~ubuntu19.04.0
libwsutil9 - 2.6.10-1~ubuntu19.04.0
tshark - 2.6.10-1~ubuntu19.04.0
wireshark - 2.6.10-1~ubuntu19.04.0
wireshark-common - 2.6.10-1~ubuntu19.04.0
wireshark-gtk - 2.6.10-1~ubuntu19.04.0
wireshark-qt - 2.6.10-1~ubuntu19.04.0
Ubuntu 18.04 LTS
libwireshark-data - 2.6.10-1~ubuntu18.04.0
libwireshark11 - 2.6.10-1~ubuntu18.04.0
libwiretap8 - 2.6.10-1~ubuntu18.04.0
libwscodecs2 - 2.6.10-1~ubuntu18.04.0
libwsutil9 - 2.6.10-1~ubuntu18.04.0
tshark - 2.6.10-1~ubuntu18.04.0
wireshark - 2.6.10-1~ubuntu18.04.0
wireshark-common - 2.6.10-1~ubuntu18.04.0
wireshark-gtk - 2.6.10-1~ubuntu18.04.0
wireshark-qt - 2.6.10-1~ubuntu18.04.0
Ubuntu 16.04 LTS
libwireshark-data - 2.6.10-1~ubuntu16.04.0
libwireshark11 - 2.6.10-1~ubuntu16.04.0
libwiretap8 - 2.6.10-1~ubuntu16.04.0
libwscodecs2 - 2.6.10-1~ubuntu16.04.0
libwsutil9 - 2.6.10-1~ubuntu16.04.0
tshark - 2.6.10-1~ubuntu16.04.0
wireshark - 2.6.10-1~ubuntu16.04.0
wireshark-common - 2.6.10-1~ubuntu16.04.0
wireshark-gtk - 2.6.10-1~ubuntu16.04.0
wireshark-qt - 2.6.10-1~ubuntu16.04.0

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4129-2: curl vulnerability

Thu, 12/09/2019 - 23:10
curl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

curl could be made to crash or possibly execute arbitrary code if it incorrectly handled memory during TFTP transfers.

Software Description
  • curl - HTTP, HTTPS, and FTP client and client libraries
Details

USN-4129-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.

Original advisory details:

Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
curl - 7.35.0-1ubuntu2.20+esm3
libcurl3 - 7.35.0-1ubuntu2.20+esm3
libcurl3-gnutls - 7.35.0-1ubuntu2.20+esm3
libcurl3-nss - 7.35.0-1ubuntu2.20+esm3
Ubuntu 12.04 ESM
curl - 7.22.0-3ubuntu4.27
libcurl3 - 7.22.0-3ubuntu4.27
libcurl3-gnutls - 7.22.0-3ubuntu4.27
libcurl3-nss - 7.22.0-3ubuntu4.27

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4132-2: Expat vulnerability

Thu, 12/09/2019 - 22:47
expat vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

Expat could be made to expose sensitive information if it received a specially crafted XML file.

Software Description
  • expat - XML parsing C library
Details

USN-4132-1 fixed a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
lib64expat1 - 2.1.0-4ubuntu1.4+esm2
libexpat1 - 2.1.0-4ubuntu1.4+esm2
Ubuntu 12.04 ESM
lib64expat1 - 2.0.1-7.2ubuntu1.7
libexpat1 - 2.0.1-7.2ubuntu1.7

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4132-1: Expat vulnerability

Thu, 12/09/2019 - 21:05
expat vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Expat could be made to expose sensitive information if it received a specially crafted XML file.

Software Description
  • expat - XML parsing C library
Details

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
libexpat1 - 2.2.6-1ubuntu0.19.5
Ubuntu 18.04 LTS
libexpat1 - 2.2.5-3ubuntu0.2
Ubuntu 16.04 LTS
lib64expat1 - 2.1.0-7ubuntu0.16.04.5
libexpat1 - 2.1.0-7ubuntu0.16.04.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4131-1: VLC vulnerabilities

Wed, 11/09/2019 - 20:11
vlc vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in VLC.

Software Description
  • vlc - multimedia player and streamer
Details

It was discovered that VLC incorrectly handled certain media files. If a user were tricked into opening a specially-crafted file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
vlc - 3.0.8-0ubuntu19.04.1
Ubuntu 18.04 LTS
vlc - 3.0.8-0ubuntu18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4130-1: WebKitGTK+ vulnerabilities

Wed, 11/09/2019 - 20:02
webkit2gtk vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in WebKitGTK+.

Software Description
  • webkit2gtk - Web content engine library for GTK+
Details

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
libjavascriptcoregtk-4.0-18 - 2.24.4-0ubuntu0.19.04.1
libwebkit2gtk-4.0-37 - 2.24.4-0ubuntu0.19.04.1
Ubuntu 18.04 LTS
libjavascriptcoregtk-4.0-18 - 2.24.4-0ubuntu0.18.04.1
libwebkit2gtk-4.0-37 - 2.24.4-0ubuntu0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

References
Categories: Linux, Security

USN-4129-1: curl vulnerabilities

Wed, 11/09/2019 - 11:37
curl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in curl.

Software Description
  • curl - HTTP, HTTPS, and FTP client and client libraries
Details

Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. (CVE-2019-5481)

Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker could use this issue to crash curl, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-5482)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
curl - 7.64.0-2ubuntu1.2
libcurl3-gnutls - 7.64.0-2ubuntu1.2
libcurl3-nss - 7.64.0-2ubuntu1.2
libcurl4 - 7.64.0-2ubuntu1.2
Ubuntu 18.04 LTS
curl - 7.58.0-2ubuntu3.8
libcurl3-gnutls - 7.58.0-2ubuntu3.8
libcurl3-nss - 7.58.0-2ubuntu3.8
libcurl4 - 7.58.0-2ubuntu3.8
Ubuntu 16.04 LTS
curl - 7.47.0-1ubuntu2.14
libcurl3 - 7.47.0-1ubuntu2.14
libcurl3-gnutls - 7.47.0-1ubuntu2.14
libcurl3-nss - 7.47.0-1ubuntu2.14

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4115-2: Linux kernel regression

Wed, 11/09/2019 - 08:29
linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

USN 4115-1 introduced a regression in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi2 - Linux kernel for Raspberry Pi 2
  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-hwe - Linux hardware enablement (HWE) kernel
Details

USN 4115-1 fixed vulnerabilities in the Linux 4.15 kernel for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue.

We apologize for the inconvenience.

Original advisory details:

Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-19985)

Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. (CVE-2018-20784)

It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)

It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)

Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)

Amit Klein and Benny Pinkas discovered that the location of kernel addresses could be exposed by the implementation of connection-less network protocols in the Linux kernel. A remote attacker could possibly use this to assist in the exploitation of another vulnerability in the Linux kernel. (CVE-2019-10639)

It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11487)

Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2019-11599)

It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-11810)

It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)

Praveen Pandey discovered that the Linux kernel did not properly validate sent signals in some situations on PowerPC systems with transactional memory disabled. A local attacker could use this to cause a denial of service. (CVE-2019-13648)

It was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14283)

It was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284)

Tuba Yavuz discovered that a race condition existed in the DesignWare USB3 DRD Controller device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-14763)

It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)

It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)

It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)

It was discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel, leading to a potential use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15214)

It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)

It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220)

It was discovered that a use-after-free vulnerability existed in the AppleTalk implementation in the Linux kernel if an error occurs during initialization. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-15292)

Jason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. A local attacker in a guest VM could possibly use this to cause a denial of service in the host system. (CVE-2019-3900)

Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered that the Bluetooth protocol BR/EDR specification did not properly require sufficiently strong encryption key lengths. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)

It was discovered that a race condition existed in the USB YUREX device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15216)

It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)

It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)

Muyu Yu discovered that the CAN implementation in the Linux kernel in some situations did not properly restrict the field size when processing outgoing frames. A local attacker with CAP_NET_ADMIN privileges could use this to execute arbitrary code. (CVE-2019-3701)

Vladis Dronov discovered that the debug interface for the Linux kernel’s HID subsystem did not properly validate passed parameters in some situations. A local privileged attacker could use this to cause a denial of service (infinite loop). (CVE-2019-3819)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
linux-image-4.15.0-1023-oracle - 4.15.0-1023.26
linux-image-4.15.0-1042-gke - 4.15.0-1042.44
linux-image-4.15.0-1044-kvm - 4.15.0-1044.44
linux-image-4.15.0-1045-raspi2 - 4.15.0-1045.49
linux-image-4.15.0-1048-aws - 4.15.0-1048.50
linux-image-4.15.0-62-generic - 4.15.0-62.69
linux-image-4.15.0-62-generic-lpae - 4.15.0-62.69
linux-image-4.15.0-62-lowlatency - 4.15.0-62.69
linux-image-aws - 4.15.0.1048.47
linux-image-generic - 4.15.0.62.64
linux-image-generic-lpae - 4.15.0.62.64
linux-image-gke - 4.15.0.1042.45
linux-image-gke-4.15 - 4.15.0.1042.45
linux-image-kvm - 4.15.0.1044.44
linux-image-lowlatency - 4.15.0.62.64
linux-image-oracle - 4.15.0.1023.26
linux-image-powerpc-e500mc - 4.15.0.62.64
linux-image-powerpc-smp - 4.15.0.62.64
linux-image-powerpc64-emb - 4.15.0.62.64
linux-image-powerpc64-smp - 4.15.0.62.64
linux-image-raspi2 - 4.15.0.1045.43
linux-image-virtual - 4.15.0.62.64
Ubuntu 16.04 LTS
linux-image-4.15.0-1023-oracle - 4.15.0-1023.26~16.04.1
linux-image-4.15.0-1042-gcp - 4.15.0-1042.44
linux-image-4.15.0-1048-aws - 4.15.0-1048.50~16.04.1
linux-image-4.15.0-1057-azure - 4.15.0-1057.62
linux-image-4.15.0-62-generic - 4.15.0-62.69~16.04.1
linux-image-4.15.0-62-generic-lpae - 4.15.0-62.69~16.04.1
linux-image-4.15.0-62-lowlatency - 4.15.0-62.69~16.04.1
linux-image-aws-hwe - 4.15.0.1048.48
linux-image-azure - 4.15.0.1057.60
linux-image-gcp - 4.15.0.1042.56
linux-image-generic-hwe-16.04 - 4.15.0.62.82
linux-image-generic-lpae-hwe-16.04 - 4.15.0.62.82
linux-image-gke - 4.15.0.1042.56
linux-image-lowlatency-hwe-16.04 - 4.15.0.62.82
linux-image-oem - 4.15.0.62.82
linux-image-oracle - 4.15.0.1023.17
linux-image-virtual-hwe-16.04 - 4.15.0.62.82

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

USN-4120-2: systemd regression

Wed, 11/09/2019 - 01:18
systemd regression

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 19.04
  • Ubuntu 18.04 LTS
Summary

USN-4120-1 caused a regression in systemd.

Software Description
  • systemd - system and service manager
Details

USN-4120-1 fixed a vulnerability in systemd. The update included a recent SRU from the updates pocket that introduced networking problems for some users. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system’s DNS resolver settings.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
systemd - 240-6ubuntu5.7
Ubuntu 18.04 LTS
systemd - 237-3ubuntu10.29

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4128-1: Tomcat vulnerabilities

Tue, 10/09/2019 - 21:22
tomcat8 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in Tomcat 8.

Software Description
  • tomcat8 - Servlet and JSP engine
Details

It was discovered that the Tomcat 8 SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. (CVE-2019-0221)

It was discovered that Tomcat 8 did not address HTTP/2 connection window exhaustion on write while addressing CVE-2019-0199. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-10072)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
libtomcat8-java - 8.5.39-1ubuntu1~18.04.3
tomcat8 - 8.5.39-1ubuntu1~18.04.3
Ubuntu 16.04 LTS
libtomcat8-java - 8.0.32-1ubuntu1.10
tomcat8 - 8.0.32-1ubuntu1.10

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4127-2: Python vulnerabilities

Tue, 10/09/2019 - 16:08
python2.7, python3.4 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

Several security issues were fixed in Python.

Software Description
  • python2.7 - An interactive high-level object-oriented language
  • python3.4 - An interactive high-level object-oriented language
Details

USN-4127-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM. (CVE-2018-20406)

It was discovered that Python incorrectly validated the domain when handling cookies. An attacker could possibly trick Python into sending cookies to the wrong domain. (CVE-2018-20852)

Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly handled Unicode encoding during NFKC normalization. An attacker could possibly use this issue to obtain sensitive information. (CVE-2019-9636, CVE-2019-10160)

Colin Read and Nicolas Edet discovered that Python incorrectly handled parsing certain X509 certificates. An attacker could possibly use this issue to cause Python to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 ESM. (CVE-2019-5010)

It was discovered that Python incorrectly handled certain urls. A remote attacker could possibly use this issue to perform CRLF injection attacks. (CVE-2019-9740, CVE-2019-9947)

Sihoon Lee discovered that Python incorrectly handled the local_file: scheme. A remote attacker could possibly use this issue to bypass blacklist meschanisms. (CVE-2019-9948)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
python2.7 - 2.7.6-8ubuntu0.6+esm2
python2.7-minimal - 2.7.6-8ubuntu0.6+esm2
python3.4 - 3.4.3-1ubuntu1~14.04.7+esm2
python3.4-minimal - 3.4.3-1ubuntu1~14.04.7+esm2
Ubuntu 12.04 ESM
python2.7 - 2.7.3-0ubuntu3.14
python2.7-minimal - 2.7.3-0ubuntu3.14

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4126-2: FreeType vulnerabilities

Mon, 09/09/2019 - 22:06
freetype vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

FreeType could be made to expose sensitive information if it opened a specially crafted font file.

Software Description
  • freetype - FreeType 2 is a font engine library
Details

USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. (CVE-2015-9381, CVE-2015-9382)

Original advisory details:

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. (CVE-2015-9383)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM
libfreetype6 - 2.5.2-1ubuntu2.8+esm1
Ubuntu 12.04 ESM
libfreetype6 - 2.4.8-1ubuntu2.7

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References
Categories: Linux, Security

Pages