[월:] 2019년 04월

USN-3959-1: Evince vulnerability evince vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Evince could be made to expose sensitive information if it received a specially crafted file. Software Description evince – Document viewer Details It was discovered that Evince incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 evince – 3.32.0-1ubuntu0.1 evince-common – 3.32.0-1ubuntu0.1 Ubuntu 18.10 evince – 3.30.1-1ubuntu1.3 evince-common – 3.30.1-1ubuntu1.3 Ubuntu 18.04 LTS evince – 3.28.4-0ubuntu1.1 evince-common – 3.28.4-0ubuntu1.1 Ubuntu 16.04 LTS evince – 3.18.2-1ubuntu4.4 evince-common – 3.18.2-1ubuntu4.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. [ more… ]

USN-3958-1: GStreamer Base Plugins vulnerability gst-plugins-base0.10, gst-plugins-base1.0 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary GStreamer Base Plugins could be made to crash or run programs if it received specially crafted network traffic. Software Description gst-plugins-base1.0 – GStreamer plugins gst-plugins-base0.10 – GStreamer plugins Details It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams. If a user were tricked into opening a crafted RTSP stream with a GStreamer application, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 gstreamer1.0-plugins-base – 1.14.4-1ubuntu1.1 Ubuntu 18.04 LTS gstreamer1.0-plugins-base – 1.14.1-1ubuntu1~ubuntu18.04.2 Ubuntu 16.04 LTS gstreamer0.10-plugins-base – 0.10.36-2ubuntu0.2 gstreamer1.0-plugins-base – 1.8.3-1ubuntu0.3 To [ more… ]

USN-3957-1: MySQL vulnerabilities mysql-5.7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in MySQL. Software Description mysql-5.7 – MySQL database Details Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10, and Ubuntu 19.04 have been updated to MySQL 5.7.26. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 mysql-server-5.7 – 5.7.26-0ubuntu0.19.04.1 Ubuntu 18.10 mysql-server-5.7 – 5.7.26-0ubuntu0.18.10.1 Ubuntu 18.04 LTS mysql-server-5.7 – 5.7.26-0ubuntu0.18.04.1 Ubuntu 16.04 LTS mysql-server-5.7 [ more… ]