지락문화예술공작단

USN-4379-1: FreeRDP vulnerabilities freerdp2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in FreeRDP. Software Description freerdp2 – RDP client for Windows Terminal Services Details It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly exeucte arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS libfreerdp-client2-2 – 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp-server2-2 – 2.1.1+dfsg1-0ubuntu0.20.04.1 libfreerdp2-2 – 2.1.1+dfsg1-0ubuntu0.20.04.1 Ubuntu 19.10 libfreerdp-client2-2 – 2.1.1+dfsg1-0ubuntu0.19.10.1 libfreerdp-server2-2 – 2.1.1+dfsg1-0ubuntu0.19.10.1 libfreerdp2-2 – 2.1.1+dfsg1-0ubuntu0.19.10.1 Ubuntu 18.04 LTS libfreerdp-client2-2 – 2.1.1+dfsg1-0ubuntu0.18.04.1 libfreerdp-server2-2 – 2.1.1+dfsg1-0ubuntu0.18.04.1 libfreerdp2-2 – 2.1.1+dfsg1-0ubuntu0.18.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a [ more… ]

USN-4377-2: ca-certificates update ca-certificates update A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Ubuntu 12.04 ESM Summary An expired certificate was removed from ca-certificates. Software Description ca-certificates – Common CA certificates Details USN-4377-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: The ca-certificates package contained an expired CA certificate that caused connectivity issues. This update removes the "AddTrust External Root" CA. In addition, on Ubuntu 12.04 ESM and Ubuntu 14.04 ESM, this update refreshes the included certificates to those contained in the 20190110 package. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM ca-certificates – 20190110~14.04.1~esm1 Ubuntu 12.04 ESM ca-certificates – 20190110~12.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, [ more… ]

USN-4378-1: Flask vulnerability flask vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Summary Flask could be made to consume a large amount of memory if it received a specially crafted input. Software Description flask – Micro web framework based on Werkzeug and Jinja2 Details It was discovered that Flask incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS python-flask – 0.12.2-3ubuntu0.1 python3-flask – 0.12.2-3ubuntu0.1 Ubuntu 16.04 LTS python-flask – 0.10.1-2ubuntu0.1 python3-flask – 0.10.1-2ubuntu0.1 Ubuntu 14.04 ESM python-flask – 0.10.1-2ubuntu0.1~esm1 python3-flask – 0.10.1-2ubuntu0.1~esm1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all [ more… ]