Ubuntu security

Ubuntu security notices

No Image

USN-5699-1: GNU C Library vulnerabilities

2022-10-26 KENNETH 0

USN-5699-1: GNU C Library vulnerabilities Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. (CVE-2021-3326) It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service. (CVE-2021-35942) Source: USN-5699-1: GNU C Library vulnerabilities

No Image

USN-5698-2: Open vSwitch vulnerability

2022-10-25 KENNETH 0

USN-5698-2: Open vSwitch vulnerability USN-5698-1 fixed a vulnerability in Open. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5698-2: Open vSwitch vulnerability

No Image

USN-5698-1: Open vSwitch vulnerability

2022-10-25 KENNETH 0

USN-5698-1: Open vSwitch vulnerability It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5698-1: Open vSwitch vulnerability

No Image

USN-5697-1: Barbican vulnerability

2022-10-25 KENNETH 0

USN-5697-1: Barbican vulnerability Douglas Mendizabal discovered that Barbican incorrectly handled certain query strings. A remote attacker could possibly use this issue to bypass the access policy. Source: USN-5697-1: Barbican vulnerability

No Image

USN-5227-3: Pillow vulnerability

2022-10-24 KENNETH 0

USN-5227-3: Pillow vulnerability USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. (CVE-2021-23437) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-34552) It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote [ more… ]