ubuntu-usn

USN-4222-1: GraphicsMagick vulnerabilities graphicsmagick vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in GraphicsMagick. Software Description graphicsmagick – collection of image processing tools Details It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS graphicsmagick – 1.3.23-1ubuntu0.3 libgraphicsmagick++-q16-12 – 1.3.23-1ubuntu0.3 libgraphicsmagick-q16-3 – 1.3.23-1ubuntu0.3 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2017-11638 CVE-2017-11641 CVE-2017-11642 CVE-2017-11643 CVE-2017-12935 CVE-2017-12936 CVE-2017-12937 CVE-2017-13063 CVE-2017-13064 CVE-2017-13065 CVE-2017-13134 CVE-2017-13737 CVE-2017-13775 CVE-2017-13776 CVE-2017-13777 Source: USN-4222-1: GraphicsMagick vulnerabilities

USN-4216-2: Firefox vulnerabilities firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Firefox could be made to crash or run programs as your login if it opened a malicious website. Software Description firefox – Mozilla Open Source web browser Details USN-4216-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS firefox – 71.0+build5-0ubuntu0.16.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update [ more… ]

USN-4214-2: RabbitMQ vulnerability librabbitmq vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary RabbitMQ could be made to execute arbitrary code if it received a specially crafted input. Software Description librabbitmq – Command-line utilities for interacting with AMQP servers Details USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS amqp-tools – 0.8.0-1ubuntu0.18.04.2 librabbitmq4 – 0.8.0-1ubuntu0.18.04.2 Ubuntu 16.04 LTS amqp-tools – 0.7.1-1ubuntu0.2 librabbitmq-dev – 0.7.1-1ubuntu0.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard [ more… ]

USN-4217-2: Samba vulnerabilities samba vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary Several security issues were fixed in Samba. Software Description samba – SMB/CIFS file, print, and login server for Unix Details USN-4217-1 fixed several vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. (CVE-2019-14861) Isaac Boukris discovered that Samba did not enforce the Kerberos DelegationNotAllowed feature restriction, contrary to expectations. (CVE-2019-14870) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM libsmbclient – 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm4 samba – 2:4.3.11+dfsg-0ubuntu0.14.04.20+esm4 To update your system, please follow these instructions: [ more… ]

USN-4221-1: libpcap vulnerability libpcap vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 ESM Summary Applications using libpcap could be made to crash if given specially crafted data. Software Description libpcap – Library for for user-level network packet capture Details It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service (memory exhaustion). Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libpcap0.8 – 1.8.1-6ubuntu1.19.04.1 Ubuntu 18.04 LTS libpcap0.8 – 1.8.1-6ubuntu1.18.04.1 Ubuntu 16.04 LTS libpcap0.8 – 1.7.4-2ubuntu0.1 Ubuntu 14.04 ESM libpcap0.8 – 1.5.3-2ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. [ more… ]