Articles by KENNETH

USN-3243-1: Git vulnerability Ubuntu Security Notice USN-3243-1 23rd March, 2017 git vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Git could be made to run programs as your login if it explored a specially crafted repository. Software description git – fast, scalable, distributed revision control system Details It was discovered that Git incorrectly sanitized branch names in the PS1variable when configured to display the repository status in the shellprompt. If a user were tricked into exploring a malicious repository, aremote attacker could use this issue to execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: git 1:1.9.1-1ubuntu0.4 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References [ more… ]

USN-3242-1: Samba vulnerability Ubuntu Security Notice USN-3242-1 23rd March, 2017 samba vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Samba could be made to expose sensitive information over the network. Software description samba – SMB/CIFS file, print, and login server for Unix Details Jann Horn discovered that Samba incorrectly handled symlinks. Anauthenticated remote attacker could use this issue to access files on theserver outside of the exported directories. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.4 Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.5 Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.6 Ubuntu 12.04 LTS: samba 2:3.6.25-0ubuntu0.12.04.9 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. [ more… ]