ubuntu-usn

Ubuntu security notices

No Image

USN-4676-1: OpenEXR vulnerabilities

2021-01-05 KENNETH 0

USN-4676-1: OpenEXR vulnerabilities It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Source: USN-4676-1: OpenEXR vulnerabilities

No Image

USN-4675-1: OpenStack Horizon vulnerability

2021-01-05 KENNETH 0

USN-4675-1: OpenStack Horizon vulnerability Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL. Source: USN-4675-1: OpenStack Horizon vulnerability

No Image

USN-4674-2: Dovecot vulnerability

2021-01-05 KENNETH 0

USN-4674-2: Dovecot vulnerability USN-4674-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275) Source: USN-4674-2: Dovecot vulnerability

No Image

USN-4674-1: Dovecot vulnerabilities

2021-01-04 KENNETH 0

USN-4674-1: Dovecot vulnerabilities It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users’ email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386) Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. (CVE-2020-25275) Source: USN-4674-1: Dovecot vulnerabilities

No Image

USN-4668-3: python-apt regression

2021-01-04 KENNETH 0

USN-4668-3: python-apt regression USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Source: USN-4668-3: python-apt regression