ubuntu-usn

Ubuntu security notices

No Image

USN-4737-2: Bind vulnerability

2021-03-02 KENNETH 0

USN-4737-2: Bind vulnerability USN-4737-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the Bind AppArmor profile. Source: USN-4737-2: Bind vulnerability

No Image

USN-4756-1: Firefox vulnerabilities

2021-02-27 KENNETH 0

USN-4756-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, conduct cross-site scripting (XSS) attacks, bypass HTTP auth phishing warnings, or execute arbitrary code. Source: USN-4756-1: Firefox vulnerabilities

No Image

USN-4754-2: Python regression

2021-02-26 KENNETH 0

USN-4754-2: Python regression USN-4754-1 fixed a vulnerability in Python. The fix for CVE-2021-3177 introduced a regression in Python 2.7. This update reverts the security fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Source: USN-4754-2: Python regression

No Image

USN-4755-1: LibTIFF vulnerabilities

2021-02-26 KENNETH 0

USN-4755-1: LibTIFF vulnerabilities It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Source: USN-4755-1: LibTIFF vulnerabilities

No Image

USN-4754-1: Python vulnerabilities

2021-02-25 KENNETH 0

USN-4754-1: Python vulnerabilities It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177) Source: USN-4754-1: Python vulnerabilities