Category Archives: Ubuntu

Ubuntu

USN-3401-1: TeX Live vulnerability

Ubuntu Security Notice USN-3401-1

22nd August, 2017

texlive-base vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

TeX Live could be made to run programs as your login if it
opened a specially crafted file.

Software description

  • texlive-base
    – TeX Live: Essential programs and files

Details

It was discovered that TeX Live incorrectly handled certain
system commands. If a user were tricked into processing a
specially crafted TeX file, a remote attacker could execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
texlive-base

2015.20160320-1ubuntu0.1
texlive-latex-base

2015.20160320-1ubuntu0.1
Ubuntu 14.04 LTS:
texlive-base

2013.20140215-1ubuntu0.1
texlive-latex-base

2013.20140215-1ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-10243

Read More

USN-3400-1: Augeas vulnerability

Ubuntu Security Notice USN-3400-1

21st August, 2017

augeas vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Augeas could be made to crash if it received specially crafted
input.

Software description

  • augeas
    – Configuration editing tool

Details

It was discovered that Augeas incorrectly handled certain strings.
An attacker could use this issue to cause Augeas to crash, leading
to a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
augeas-tools

1.6.0-0ubuntu3.1
libaugeas0

1.6.0-0ubuntu3.1
Ubuntu 16.04 LTS:
augeas-tools

1.4.0-0ubuntu1.1
libaugeas0

1.4.0-0ubuntu1.1
Ubuntu 14.04 LTS:
augeas-tools

1.2.0-0ubuntu1.3
libaugeas0

1.2.0-0ubuntu1.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-7555

Read More

USN-3399-1: cvs vulnerability

Ubuntu Security Notice USN-3399-1

21st August, 2017

cvs vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

cvs could be made run programs as your login if it opened a
specially crafted cvs repository.

Software description

  • cvs
    – Concurrent Versions System

Details

Hank Leininger discovered that cvs did not properly handle SSH
for remote repositories. A remote attacker could use this to
construct a cvs repository that when accessed could run arbitrary
code with the privileges of the user.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
cvs

2:1.12.13+real-22ubuntu0.1
Ubuntu 16.04 LTS:
cvs

2:1.12.13+real-15ubuntu0.1
Ubuntu 14.04 LTS:
cvs

2:1.12.13+real-12ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-12836

Read More

USN-3398-1: graphite2 vulnerabilities

Ubuntu Security Notice USN-3398-1

21st August, 2017

graphite2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

graphite2 could be made to crash or run programs if it opened a specially
crafted font.

Software description

  • graphite2
    – Font rendering engine for Complex Scripts

Details

Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly
handled certain malformed fonts. If a user or automated system were tricked
into opening a specially-crafted font file, a remote attacker could use
this issue to cause graphite2 to crash, resulting in a denial of service,
or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libgraphite2-3

1.3.10-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
libgraphite2-3

1.3.10-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
libgraphite2-3

1.3.10-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart applications
using graphite2, such as LibreOffice, to make all the necessary changes.

References

CVE-2017-7771,

CVE-2017-7772,

CVE-2017-7773,

CVE-2017-7774,

CVE-2017-7775,

CVE-2017-7776,

CVE-2017-7777,

CVE-2017-7778

Read More

USN-3397-1: strongSwan vulnerability

Ubuntu Security Notice USN-3397-1

21st August, 2017

strongswan vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

strongSwan could be made to crash or hang if it received specially crafted
network traffic.

Software description

  • strongswan
    – IPsec VPN solution

Details

It was discovered that strongSwan incorrectly handled verifying
specific RSA signatures. A remote attacker could use this issue
to cause strongSwan to crash, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libstrongswan

5.5.1-1ubuntu3.2
strongswan

5.5.1-1ubuntu3.2
Ubuntu 16.04 LTS:
libstrongswan

5.3.5-1ubuntu3.4
strongswan

5.3.5-1ubuntu3.4
Ubuntu 14.04 LTS:
libstrongswan

5.1.2-0ubuntu2.7
strongswan

5.1.2-0ubuntu2.7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-11185

Read More

USN-3396-1: OpenJDK 7 vulnerabilities

Ubuntu Security Notice USN-3396-1

18th August, 2017

openjdk-7 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in OpenJDK 7.

Software description

  • openjdk-7
    – Open Source Java implementation

Details

It was discovered that the JPEGImageReader class in OpenJDK would
incorrectly read unused image data. An attacker could use this to specially
construct a jpeg image file that when opened by a Java application would
cause a denial of service. (CVE-2017-10053)

It was discovered that the JAR verifier in OpenJDK did not properly handle
archives containing files missing digests. An attacker could use this to
modify the signed contents of a JAR file. (CVE-2017-10067)

It was discovered that integer overflows existed in the Hotspot component
of OpenJDK when generating range check loop predicates. An attacker could
use this to specially construct an untrusted Java application or applet
that could escape sandbox restrictions and cause a denial of service or
possibly execute arbitrary code. (CVE-2017-10074)

It was discovered that OpenJDK did not properly process parentheses in
function signatures. An attacker could use this to specially construct an
untrusted Java application or applet that could escape sandbox
restrictions. (CVE-2017-10081)

It was discovered that the ThreadPoolExecutor class in OpenJDK did not
properly perform access control checks when cleaning up threads. An
attacker could use this to specially construct an untrusted Java
application or applet that could escape sandbox restrictions and possibly
execute arbitrary code. (CVE-2017-10087)

It was discovered that the ServiceRegistry implementation in OpenJDK did
not perform access control checks in certain situations. An attacker could
use this to specially construct an untrusted Java application or applet
that escaped sandbox restrictions. (CVE-2017-10089)

It was discovered that the channel groups implementation in OpenJDK did not
properly perform access control checks in some situations. An attacker
could use this to specially construct an untrusted Java application or
applet that could escape sandbox restrictions. (CVE-2017-10090)

It was discovered that the DTM exception handling code in the JAXP
component of OpenJDK did not properly perform access control checks. An
attacker could use this to specially construct an untrusted Java
application or applet that could escape sandbox restrictions.
(CVE-2017-10096)

It was discovered that the JAXP component of OpenJDK incorrectly granted
access to some internal resolvers. An attacker could use this to specially
construct an untrusted Java application or applet that could escape sandbox
restrictions. (CVE-2017-10101)

It was discovered that the Distributed Garbage Collector (DGC) in OpenJDK
did not properly track references in some situations. A remote attacker
could possibly use this to execute arbitrary code. (CVE-2017-10102)

It was discovered that the Activation ID implementation in the RMI
component of OpenJDK did not properly check access control permissions in
some situations. An attacker could use this to specially construct an
untrusted Java application or applet that could escape sandbox
restrictions. (CVE-2017-10107)

It was discovered that the BasicAttribute class in OpenJDK did not properly
bound memory allocation when de-serializing objects. An attacker could use
this to cause a denial of service (memory consumption). (CVE-2017-10108)

It was discovered that the CodeSource class in OpenJDK did not properly
bound memory allocations when de-serializing object instances. An attacker
could use this to cause a denial of service (memory consumption).
(CVE-2017-10109)

It was discovered that the AWT ImageWatched class in OpenJDK did not
properly perform access control checks, An attacker could use this to
specially construct an untrusted Java application or applet that could
escape sandbox restrictions (CVE-2017-10110)

It was discovered that a timing side-channel vulnerability existed in the
DSA implementation in OpenJDK. An attacker could use this to expose
sensitive information. (CVE-2017-10115)

It was discovered that the LDAP implementation in OpenJDK incorrectly
followed references to non-LDAP URLs. An attacker could use this to
specially craft an LDAP referral URL that exposes sensitive information or
bypass access restrictions. (CVE-2017-10116)

It was discovered that a timing side-channel vulnerability existed in the
ECDSA implementation in OpenJDK. An attacker could use this to expose
sensitive information. (CVE-2017-10118)

Ilya Maykov discovered that a timing side-channel vulnerability existed in
the PKCS#8 implementation in OpenJDK. An attacker could use this to expose
sensitive information. (CVE-2017-10135)

It was discovered that the Elliptic Curve (EC) implementation in OpenJDK
did not properly compute certain elliptic curve points. An attacker could
use this to expose sensitive information. (CVE-2017-10176)

It was discovered that OpenJDK did not properly perform access control
checks when handling Web Service Definition Language (WSDL) XML documents.
An attacker could use this to expose sensitive information.
(CVE-2017-10243)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
openjdk-7-jre-lib

7u151-2.6.11-0ubuntu1.14.04.1
openjdk-7-jre-zero

7u151-2.6.11-0ubuntu1.14.04.1
icedtea-7-jre-jamvm

7u151-2.6.11-0ubuntu1.14.04.1
openjdk-7-jre-headless

7u151-2.6.11-0ubuntu1.14.04.1
openjdk-7-jre

7u151-2.6.11-0ubuntu1.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References

CVE-2017-10053,

CVE-2017-10067,

CVE-2017-10074,

CVE-2017-10081,

CVE-2017-10087,

CVE-2017-10089,

CVE-2017-10090,

CVE-2017-10096,

CVE-2017-10101,

CVE-2017-10102,

CVE-2017-10107,

CVE-2017-10108,

CVE-2017-10109,

CVE-2017-10110,

CVE-2017-10115,

CVE-2017-10116,

CVE-2017-10118,

CVE-2017-10135,

CVE-2017-10176,

CVE-2017-10243

Read More

USN-3391-3: Firefox regression

Ubuntu Security Notice USN-3391-3

17th August, 2017

firefox regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

USN-3391-1 introduced a regression in Firefox.

Software description

  • firefox
    – Mozilla Open Source web browser

Details

USN-3391-1 fixed vulnerabilities in Firefox. The update introduced a
performance regression with WebExtensions. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to conduct cross-site scripting (XSS) attacks,
bypass sandbox restrictions, obtain sensitive information, spoof the
origin of modal alerts, bypass same origin restrictions, read
uninitialized memory, cause a denial of service via program crash or hang,
or execute arbitrary code. (CVE-2017-7753, CVE-2017-7779, CVE-2017-7780,
CVE-2017-7781, CVE-2017-7783, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786,
CVE-2017-7787, CVE-2017-7788, CVE-2017-7789, CVE-2017-7791, CVE-2017-7792,
CVE-2017-7794, CVE-2017-7797, CVE-2017-7798, CVE-2017-7799, CVE-2017-7800,
CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7806, CVE-2017-7807,
CVE-2017-7808, CVE-2017-7809)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
firefox

55.0.2+build1-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
firefox

55.0.2+build1-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
firefox

55.0.2+build1-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

LP: 1710987

Read More

USN-3391-1: Firefox vulnerabilities

Ubuntu Security Notice USN-3391-1

15th August, 2017

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Firefox could be made to crash or run programs as your login if it
opened a malicious website.

Software description

  • firefox
    – Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to conduct cross-site scripting (XSS) attacks,
bypass sandbox restrictions, obtain sensitive information, spoof the
origin of modal alerts, bypass same origin restrictions, read
uninitialized memory, cause a denial of service via program crash or hang,
or execute arbitrary code. (CVE-2017-7753, CVE-2017-7779, CVE-2017-7780,
CVE-2017-7781, CVE-2017-7783, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786,
CVE-2017-7787, CVE-2017-7788, CVE-2017-7789, CVE-2017-7791, CVE-2017-7792,
CVE-2017-7794, CVE-2017-7797, CVE-2017-7798, CVE-2017-7799, CVE-2017-7800,
CVE-2017-7801, CVE-2017-7802, CVE-2017-7803, CVE-2017-7806, CVE-2017-7807,
CVE-2017-7808, CVE-2017-7809)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
firefox

55.0.1+build2-0ubuntu0.17.04.2
Ubuntu 16.04 LTS:
firefox

55.0.1+build2-0ubuntu0.16.04.2
Ubuntu 14.04 LTS:
firefox

55.0.1+build2-0ubuntu0.14.04.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2017-7753,

CVE-2017-7779,

CVE-2017-7780,

CVE-2017-7781,

CVE-2017-7783,

CVE-2017-7784,

CVE-2017-7785,

CVE-2017-7786,

CVE-2017-7787,

CVE-2017-7788,

CVE-2017-7789,

CVE-2017-7791,

CVE-2017-7792,

CVE-2017-7794,

CVE-2017-7797,

CVE-2017-7798,

CVE-2017-7799,

CVE-2017-7800,

CVE-2017-7801,

CVE-2017-7802,

CVE-2017-7803,

CVE-2017-7806,

CVE-2017-7807,

CVE-2017-7808,

CVE-2017-7809

Read More

USN-3390-1: PostgreSQL vulnerabilities

Ubuntu Security Notice USN-3390-1

15th August, 2017

postgresql-9.3, postgresql-9.5, postgresql-9.6 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in PostgreSQL.

Software description

  • postgresql-9.3
    – Object-relational SQL database

  • postgresql-9.5
    – Object-relational SQL database

  • postgresql-9.6
    – object-relational SQL database

Details

Ben de Graaff, Jelte Fennema, and Jeroen van der Ham discovered that
PostgreSQL allowed the use of empty passwords in some authentication
methods, contrary to expected behaviour. A remote attacker could use an
empty password to authenticate to servers that were believed to have
password login disabled. (CVE-2017-7546)

Jeff Janes discovered that PostgreSQL incorrectly handled the
pg_user_mappings catalog view. A remote attacker without server privileges
could possibly use this issue to obtain certain passwords. (CVE-2017-7547)

Chapman Flack discovered that PostgreSQL incorrectly handled lo_put()
permissions. A remote attacker could possibly use this issue to change the
data in a large object. (CVE-2017-7548)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
postgresql-9.6

9.6.4-0ubuntu0.17.04.1
Ubuntu 16.04 LTS:
postgresql-9.5

9.5.8-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
postgresql-9.3

9.3.18-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.

References

CVE-2017-7546,

CVE-2017-7547,

CVE-2017-7548

Read More

USN-3392-1: Linux kernel regression

Ubuntu Security Notice USN-3392-1

16th August, 2017

linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS

Summary

USN-3378-1 introduced a regression in the Linux kernel.

Software description

  • linux
    – Linux kernel

  • linux-aws
    – Linux kernel for Amazon Web Services (AWS) systems

  • linux-gke
    – Linux kernel for Google Container Engine (GKE) systems

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

  • linux-snapdragon
    – Linux kernel for Snapdragon processors

Details

USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a
regression was introduced that prevented conntrack from working
correctly in some situations. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Fan Wu and Shixiong Zhao discovered a race condition between inotify events
and vfs rename operations in the Linux kernel. An unprivileged local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2017-7533)

It was discovered that the Linux kernel did not properly restrict
RLIMIT_STACK size. A local attacker could use this in conjunction with
another vulnerability to possibly execute arbitrary code.
(CVE-2017-1000365)

李强 discovered that the Virtio GPU driver in the Linux kernel did not
properly free memory in some situations. A local attacker could use this to
cause a denial of service (memory consumption). (CVE-2017-10810)

石磊 discovered that the RxRPC Kerberos 5 ticket handling code in the
Linux kernel did not properly verify metadata. A remote attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-7482)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
linux-image-powerpc-e500mc 4.4.0.92.97
linux-image-4.4.0-92-powerpc-smp

4.4.0-92.115
linux-image-4.4.0-92-lowlatency

4.4.0-92.115
linux-image-4.4.0-92-powerpc64-emb

4.4.0-92.115
linux-image-4.4.0-92-generic

4.4.0-92.115
linux-image-4.4.0-1027-gke

4.4.0-1027.27
linux-image-4.4.0-92-powerpc-e500mc

4.4.0-92.115
linux-image-4.4.0-1072-snapdragon

4.4.0-1072.77
linux-image-snapdragon 4.4.0.1072.64
linux-image-4.4.0-92-powerpc64-smp

4.4.0-92.115
linux-image-powerpc64-emb 4.4.0.92.97
linux-image-gke 4.4.0.1027.28
linux-image-generic 4.4.0.92.97
linux-image-4.4.0-92-generic-lpae

4.4.0-92.115
linux-image-aws 4.4.0.1031.33
linux-image-raspi2 4.4.0.1070.70
linux-image-powerpc-smp 4.4.0.92.97
linux-image-generic-lpae 4.4.0.92.97
linux-image-4.4.0-1031-aws

4.4.0-1031.40
linux-image-powerpc64-smp 4.4.0.92.97
linux-image-4.4.0-1070-raspi2

4.4.0-1070.78
linux-image-lowlatency 4.4.0.92.97

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

https://bugs.launchpad.net/bugs/1709032,

https://usn.ubuntu.com/usn/usn-3378-1

Read More