Articles by KENNETH

USN-3898-2: NSS vulnerability nss vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary NSS could be made to crash if it received specially crafted network traffic. Software Description nss – Network Security Service library Details USN-3898-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM libnss3 – 2:3.28.4-0ubuntu0.12.04.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart any applications that use NSS, such as [ more… ]

USN-3899-1: OpenSSL vulnerability openssl, openssl1.0 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary OpenSSL could be made to expose sensitive information over the network. Software Description openssl1.0 – Secure Socket Layer (SSL) cryptographic library and tools openssl – Secure Socket Layer (SSL) cryptographic library and tools Details Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 libssl1.0.0 – 1.0.2n-1ubuntu6.2 Ubuntu 18.04 LTS libssl1.0.0 – 1.0.2n-1ubuntu5.3 Ubuntu 16.04 LTS libssl1.0.0 – 1.0.2g-1ubuntu4.15 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system [ more… ]

USN-3898-1: NSS vulnerability nss vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary NSS could be made to crash if it received specially crafted network traffic. Software Description nss – Network Security Service library Details Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 libnss3 – 2:3.36.1-1ubuntu1.2 Ubuntu 18.04 LTS libnss3 – 2:3.35-2ubuntu2.2 Ubuntu 16.04 LTS libnss3 – 2:3.28.4-0ubuntu0.16.04.5 Ubuntu 14.04 LTS libnss3 – 2:3.28.4-0ubuntu0.14.04.5 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart any [ more… ]