ubuntu-usn

USN-4664-1: Aptdaemon vulnerabilities Kevin Backhouse discovered that Aptdaemon incorrectly handled certain properties. A local attacker could use this issue to test for the presence of local files. (CVE-2020-16128) Kevin Backhouse discovered that Aptdaemon incorrectly handled permission checks. A local attacker could possibly use this issue to cause a denial of service. (CVE-2020-27349) Source: USN-4664-1: Aptdaemon vulnerabilities

USN-4663-1: GDK-PixBuf vulnerability Melvin Kool discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to hang, resulting in a denial of service. Source: USN-4663-1: GDK-PixBuf vulnerability

USN-4662-1: OpenSSL vulnerability David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Source: USN-4662-1: OpenSSL vulnerability

USN-4656-2: X.Org X Server vulnerabilities USN-4656-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server XKB extension incorrectly handled certain inputs. A local attacker could possibly use this issue to escalate privileges. Source: USN-4656-2: X.Org X Server vulnerabilities

USN-4661-1: Snapcraft vulnerability It was discovered that Snapcraft includes the current directory when configuring LD_LIBRARY_PATH for application commands. If a user were tricked into installing a malicious snap or downloading a malicious library, under certain circumstances an attacker could exploit this to affect strict mode snaps that have access to the library and when launched from the directory containing the library. Source: USN-4661-1: Snapcraft vulnerability