Ubuntu security

Ubuntu security notices

No Image

USN-5351-1: Paramiko vulnerability

2022-03-29 KENNETH 0

USN-5351-1: Paramiko vulnerability Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys. Source: USN-5351-1: Paramiko vulnerability

No Image

USN-5349-1: GNU binutils vulnerability

2022-03-28 KENNETH 0

USN-5349-1: GNU binutils vulnerability It was discovered that GNU binutils gold incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Source: USN-5349-1: GNU binutils vulnerability

No Image

USN-5350-1: Chromium vulnerability

2022-03-28 KENNETH 0

USN-5350-1: Chromium vulnerability It was discovered that Chromium incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Source: USN-5350-1: Chromium vulnerability

No Image

USN-5348-1: Smarty vulnerabilities

2022-03-28 KENNETH 0

USN-5348-1: Smarty vulnerabilities David Gnedt and Thomas Konrad discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-13982) It was discovered that Smarty was incorrectly sanitizing the paths present in the templates. An attacker could possibly use this use to read arbitrary files when controlling the executed template. (CVE-2018-16831) It was discovered that Smarty was incorrectly validating security policy data, allowing the execution of static classes even when not permitted by the security settings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-21408) It was discovered that Smarty was incorrectly managing access control to template objects, which allowed users to perform a sandbox escape. An attacker could possibly use this issue to send specially crafted input to applications [ more… ]

No Image

USN-5342-1: Python vulnerabilities

2022-03-28 KENNETH 0

USN-5342-1: Python vulnerabilities David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426) It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391) Source: USN-5342-1: Python vulnerabilities