USN-5994-1: HAProxy vulnerability

2023-04-03 KENNETH 0

It was discovered that HAProxy incorrectly initialized certain connection buffers. A remote attacker could possibly use this issue to obtain sensitive information.

Source: USN-5994-1: HAProxy vulnerability

USN-5993-1: Samba vulnerabilities

2023-04-03 KENNETH 0

Demi Marie Obenour discovered that the Samba LDAP server incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information. (CVE-2023-0614)

Andrew Bartlett discovered that the Samba AD DC admin tool incorrectly sent passwords in cleartext. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0922)

Source: USN-5993-1: Samba vulnerabilities

USN-5992-1: ldb vulnerability

2023-04-03 KENNETH 0

Demi Marie Obenour discovered that ldb, when used with Samba, incorrectly handled certain confidential attribute values. A remote authenticated attacker could possibly use this issue to obtain certain sensitive information.

Source: USN-5992-1: ldb vulnerability

USN-5966-3: amanda regression

2023-04-03 KENNETH 0

USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This update provides security fixes for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. We apologize for the inconvenience.

Original advisory details:

Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. (CVE-2022-37703)

Maher Azzouzi discovered a privilege escalation vulnerability in the rundump binary within amanda. rundump is a suid binary owned by root that did not perform adequate sanitization of environment variables or commandline options and could possibly be used by a malicious local attacker to escalate privileges. (CVE-2022-37704)

Maher Azzouzi discovered a privilege escalation vulnerability in the runtar [ more… ]

USN-5855-3: ImageMagick regression

2023-04-01 KENNETH 0

USN-5855-2 fixed vulnerabilities in ImageMagick. Unfortunately an additional mitigation caused a regression. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

Source: USN-5855-3: ImageMagick regression