SECURITY

USN-3346-1: bind9 vulnerabilities Ubuntu Security Notice USN-3346-1 29th June, 2017 bind9 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Bind could be made to serve incorrect information or expose sensitive information over the network. Software description bind9 – Internet Domain Name Server Details Clément Berthaux discovered that Bind did not correctly check TSIGauthentication for zone update requests. An attacker could use thisto improperly perform zone updates. (CVE-2017-3143) Clément Berthaux discovered that Bind did not correctly check TSIGauthentication for zone transfer requests. An attacker could use thisto improperly transfer entire zones. (CVE-2017-3142) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: bind9 1:9.10.3.dfsg.P4-10.1ubuntu5.1 Ubuntu 16.10: bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.7 Ubuntu 16.04 LTS: bind9 1:9.10.3.dfsg.P4-8ubuntu1.7 Ubuntu 14.04 LTS: bind9 1:9.9.5.dfsg-3ubuntu0.15 [ more… ]

USN-3323-2: GNU C Library vulnerability Ubuntu Security Notice USN-3323-2 29th June, 2017 eglibc vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Gnu C library could be made to run programs as an administrator. Software description eglibc – GNU C Library Details USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides thecorresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker could use this in combination with another vulnerability to gain administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: libc6 2.15-0ubuntu10.20 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update [ more… ]

USN-3342-2: Linux kernel (HWE) vulnerabilities Ubuntu Security Notice USN-3342-2 29th June, 2017 linux-hwe vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-hwe – Linux hardware enablement (HWE) kernel Details USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10.This update provides the corresponding updates for the Linux HardwareEnablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. USN-3333-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystemencryption subsystem in the Linux kernel. A local attacker could use thisto cause a denial of service (system crash). (CVE-2017-7374) Roee Hay discovered that the parallel port printer driver [ more… ]

USN-3345-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3345-1 29th June, 2017 linux, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details USN 3324-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use this toexecute arbitrary code. (CVE-2017-1000363) It was discovered that a double-free vulnerability existed in the IPv4stack of the Linux kernel. An attacker could use this to cause a denial ofservice [ more… ]