[월:] 2016년 05월

USN-2950-4: Samba regressions Ubuntu Security Notice USN-2950-4 18th May, 2016 samba regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary USN-2950-1 introduced regressions in Samba. Software description samba – SMB/CIFS file, print, and login server for Unix Details USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introducedin Ubuntu 12.04 LTS caused interoperability issues. This update fixescompatibility with certain NAS devices, and allows connecting to Samba 3.6servers by relaxing the "client ipc signing" parameter to "auto". We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370) Stefan Metzmacher discovered that Samba contained multiple flaws [ more… ]

USN-2983-1: Expat vulnerability Ubuntu Security Notice USN-2983-1 18th May, 2016 expat vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Expat could be made to crash or run programs as your login if it opened a specially crafted file. Software description expat – XML parsing C library Details Gustavo Grieco discovered that Expat incorrectly handled malformed XMLdata. If a user or application linked against Expat were tricked intoopening a crafted XML file, an attacker could cause a denial of service, orpossibly execute arbitrary code. (CVE-2016-0718) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: libexpat1 2.1.0-7ubuntu0.16.04.1 lib64expat1 2.1.0-7ubuntu0.16.04.1 Ubuntu 15.10: libexpat1 2.1.0-7ubuntu0.15.10.1 lib64expat1 2.1.0-7ubuntu0.15.10.1 Ubuntu 14.04 LTS: libexpat1 2.1.0-4ubuntu1.2 lib64expat1 2.1.0-4ubuntu1.2 Ubuntu 12.04 LTS: libexpat1 [ more… ]