No Image

Announcing Windows 10 Insider Preview Build 19559

2020-02-06 KENNETH 0

Announcing Windows 10 Insider Preview Build 19559 Hello Windows Insiders, today we’re releasing Windows 10 Insider Preview Build 19559.1000 to Windows Insiders in the Fast ring. If you want a complete look at what build is in which Insider ring, head over to Flight Hub. You can also check out the rest of our documentation here, including a list of new features and updates. Not seeing any of the features in this build? Check your Windows Insider Settings to make sure you’re on the Fast ring. Submit feedback here to let us know if things weren’t working the way you expected. General changes, improvements, and fixes for PC We fixed an issue with the IME candidate window for East Asian IMEs (Simplified Chinese, Traditional Chinese, and the Japanese IME) not opening sometimes on recent builds. We fixed an issue that [ more… ]

No Image

USN-4270-1: Exiv2 vulnerability

2020-02-06 KENNETH 0

USN-4270-1: Exiv2 vulnerability exiv2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Exiv2 could be made to crash if it opened a specially crafted image. Software Description exiv2 – EXIF/IPTC/XMP metadata manipulation tool Details It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 exiv2 – 0.25-4ubuntu2.2 libexiv2-14 – 0.25-4ubuntu2.2 Ubuntu 18.04 LTS exiv2 – 0.25-3.1ubuntu0.18.04.5 libexiv2-14 – 0.25-3.1ubuntu0.18.04.5 Ubuntu 16.04 LTS exiv2 – 0.25-2.1ubuntu16.04.6 libexiv2-14 – 0.25-2.1ubuntu16.04.6 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2019-20421 Source: USN-4270-1: Exiv2 vulnerability

No Image

USN-4269-1: systemd vulnerabilities

2020-02-06 KENNETH 0

USN-4269-1: systemd vulnerabilities systemd vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in systemd. Software Description systemd – system and service manager Details It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-16888) It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. (CVE-2019-20386) Jann Horn discovered that systemd incorrectly handled services that use the DynamicUser property. A local attacker could possibly use this issue to access resources owned by a different service in the future. This issue [ more… ]

No Image

USN-4268-1: OpenSMTPD vulnerability

2020-02-05 KENNETH 0

USN-4268-1: OpenSMTPD vulnerability OpenSMTPD vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Summary OpenSMTPD could be made to run programs as root if it received specially crafted input over the network. Software Description opensmtpd – secure, reliable, lean, and easy-to configure SMTP server Details It was discovered that OpenSMTPD incorrectly verified the sender’s or receiver’s e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 opensmtpd – 6.0.3p1-6ubuntu0.1 Ubuntu 18.04 LTS opensmtpd – 6.0.3p1-1ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2020-7247 Source: USN-4268-1: OpenSMTPD vulnerability

No Image

USN-4263-2: Sudo vulnerability

2020-02-05 KENNETH 0

USN-4263-2: Sudo vulnerability sudo vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary Sudo could allow unintended access to the administrator account. Software Description sudo – Provide limited super user privileges to specific users Details USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM sudo – 1.8.9p5-1ubuntu1.5+esm3 sudo-ldap – 1.8.9p5-1ubuntu1.5+esm3 Ubuntu 12.04 ESM sudo – 1.8.3p1-1ubuntu3.9 sudo-ldap – 1.8.3p1-1ubuntu3.9 To update your system, please follow these [ more… ]