Articles by KENNETH

USN-3460-1: WebKitGTK+ vulnerabilities Ubuntu Security Notice USN-3460-1 23rd October, 2017 webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software description webkit2gtk – Web content engine library for GTK+ Details A large number of security issues were discovered in the WebKitGTK+ Web andJavaScript engines. If a user were tricked into viewing a maliciouswebsite, a remote attacker could exploit a variety of issues related to webbrowser security, including cross-site scripting attacks, denial of serviceattacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.17.04.2 libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.17.04.2 Ubuntu 16.04 LTS: libwebkit2gtk-4.0-37 2.18.0-0ubuntu0.16.04.2 libjavascriptcoregtk-4.0-18 2.18.0-0ubuntu0.16.04.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, which [ more… ]

USN-3457-1: curl vulnerability Ubuntu Security Notice USN-3457-1 23rd October, 2017 curl vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary curl could be made to crash or run programs if it received specially crafted network traffic. Software description curl – HTTP, HTTPS, and FTP client and client libraries Details Brian Carpenter discovered that curl incorrectly handled IMAP FETCHresponse lines. A remote attacker could use this issue to cause curl tocrash, resulting in a denial of service, or possibly execute arbitrarycode. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: libcurl3-nss 7.55.1-1ubuntu2.1 curl 7.55.1-1ubuntu2.1 libcurl3-gnutls 7.55.1-1ubuntu2.1 libcurl3 7.55.1-1ubuntu2.1 Ubuntu 17.04: libcurl3-nss 7.52.1-4ubuntu1.3 curl 7.52.1-4ubuntu1.3 libcurl3-gnutls 7.52.1-4ubuntu1.3 libcurl3 7.52.1-4ubuntu1.3 Ubuntu 16.04 LTS: libcurl3-nss 7.47.0-1ubuntu2.4 curl 7.47.0-1ubuntu2.4 libcurl3-gnutls 7.47.0-1ubuntu2.4 libcurl3 [ more… ]

USN-3459-1: MySQL vulnerabilities Ubuntu Security Notice USN-3459-1 23rd October, 2017 mysql-5.5, mysql-5.7 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in MySQL. Software description mysql-5.5 – MySQL database mysql-5.7 – MySQL database Details Multiple security issues were discovered in MySQL and this update includesnew upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.58 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS,Ubuntu 17.04 and Ubuntu 17.10 have been updated to MySQL 5.7.20. In addition to security fixes, the updated packages contain bug fixes,new features, and possibly incompatible changes. Please see the following for more information:http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-58.htmlhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.10: mysql-server-5.7 5.7.20-0ubuntu0.17.10.1 Ubuntu 17.04: mysql-server-5.7 [ more… ]