ubuntu-usn

Ubuntu security notices

No Image

USN-4668-4: python-apt vulnerability

2021-01-12 KENNETH 0

USN-4668-4: python-apt vulnerability USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Source: USN-4668-4: python-apt vulnerability

No Image

USN-4667-2: APT vulnerability

2021-01-12 KENNETH 0

USN-4667-2: APT vulnerability USN-4667-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service. Source: USN-4667-2: APT vulnerability

No Image

USN-4688-1: JasPer vulnerabilities

2021-01-11 KENNETH 0

USN-4688-1: JasPer vulnerabilities It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. (CVE-2018-18873) It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19542) It was discovered that Jasper incorrectly handled certain JPC encoders. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-27828) It was discovered that Jasper incorrectly handled certain images. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2017-9782) Source: USN-4688-1: JasPer vulnerabilities

No Image

USN-4687-1: Firefox vulnerability

2021-01-08 KENNETH 0

USN-4687-1: Firefox vulnerability A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Source: USN-4687-1: Firefox vulnerability

No Image

USN-4686-1: Ghostscript vulnerabilities

2021-01-07 KENNETH 0

USN-4686-1: Ghostscript vulnerabilities It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4686-1: Ghostscript vulnerabilities