RHSA-2017:3295-1: Moderate: kernel-rt security and bug fix update

Red Hat Enterprise Linux: An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2017-1000380


USN-3499-1: Exim vulnerability

Ubuntu Security Notice USN-3499-1

29th November, 2017

exim4 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.10
  • Ubuntu 17.04

Summary

Exim could be made to crash if it received specially crafted network
traffic.

Software description

  • exim4
    – Exim is a mail transport agent

Details

It was discovered that Exim incorrectly handled certain BDAT data headers.
A remote attacker could possibly use this issue to cause Exim to crash,
resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.10:
  • exim4-daemon-heavy 4.89-5ubuntu1.2
  • exim4-daemon-light 4.89-5ubuntu1.2

Ubuntu 17.04:
  • exim4-daemon-heavy 4.88-5ubuntu1.3
  • exim4-daemon-light 4.88-5ubuntu1.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-16944


USN-3500-1: libXfont vulnerability

Ubuntu Security Notice USN-3500-1

29th November, 2017

libxfont, libxfont1, libxfont2 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.10
  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

libXfont could be made to access arbitrary files, including special device
files.

Software description

  • libxfont
    – X11 font rasterisation library

  • libxfont1
    – X11 font rasterisation library

  • libxfont2
    – X11 font rasterisation library

Details

It was discovered that libXfont incorrectly followed symlinks when opening
font files. A local unprivileged user could use this issue to cause the X
server to access arbitrary files, including special device files.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.10:
  • libxfont1 1:1.5.2-4ubuntu1.1
  • libxfont2 1:2.0.1-3ubuntu1.1

Ubuntu 17.04:
  • libxfont1 1:1.5.2-4ubuntu0.2
  • libxfont2 1:2.0.1-3ubuntu0.2

Ubuntu 16.04 LTS:
  • libxfont1 1:1.5.1-1ubuntu0.16.04.4
  • libxfont2 1:2.0.1-3~ubuntu16.04.3

Ubuntu 14.04 LTS:
  • libxfont1 1:1.4.7-1ubuntu0.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-16611


USN-3501-1: libxcursor vulnerability

Ubuntu Security Notice USN-3501-1

29th November, 2017

libxcursor vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.10
  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

libxcursor could be made to crash or run programs if it opened a specially
crafted file.

Software description

  • libxcursor
    – X11 cursor management library

Details

It was discovered that libxcursor incorrectly handled certain files. An
attacker could use these issues to cause libxcursor to crash, resulting in
a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.10:
  • libxcursor1 1:1.1.14-3ubuntu0.1

Ubuntu 17.04:
  • libxcursor1 1:1.1.14-1ubuntu0.17.04.1

Ubuntu 16.04 LTS:
  • libxcursor1 1:1.1.14-1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  • libxcursor1 1:1.1.14-1ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-16612


From 0 to Kubernetes

Although you hear a lot about containers and Kubernetes these days, there’s a lot of mystery around them. In her Lightning Talk at All Things Open 2017, “From 0 to Kubernetes,” Amy Chen clears up the confusion.

Amy, a software engineer at Rancher Labs, describes containers as baby computers living inside another computer that are suffering an “existential crisis” as they try to figure out their place in the world. Kubernetes is the way all those baby computers are organized.
