No Image

USN-3242-2: Samba regression

2017-03-31 KENNETH 0

USN-3242-2: Samba regression Ubuntu Security Notice USN-3242-2 30th March, 2017 samba regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-3242-1 introduced a regression in Samba. Software description samba – SMB/CIFS file, print, and login server for Unix Details USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced aregression when Samba is configured to disable following symbolic links. This update fixes the problem. Original advisory details: Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: samba 2:4.4.5+dfsg-2ubuntu5.5 Ubuntu 16.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.16.04.6 Ubuntu 14.04 LTS: samba 2:4.3.11+dfsg-0ubuntu0.14.04.7 Ubuntu [ more… ]

No Image

USN-3251-1: Linux kernel vulnerability

2017-03-30 KENNETH 0

USN-3251-1: Linux kernel vulnerability Ubuntu Security Notice USN-3251-1 29th March, 2017 linux, linux-raspi2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details It was discovered that the xfrm framework for transforming packets in theLinux kernel did not properly validate data received from user space. Alocal attacker could use this to cause a denial of service (system crash)or execute arbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: linux-image-4.8.0-45-powerpc-e500mc 4.8.0-45.48 linux-image-powerpc-smp 4.8.0.45.57 linux-image-powerpc-e500mc 4.8.0.45.57 linux-image-4.8.0-45-generic-lpae 4.8.0-45.48 linux-image-generic 4.8.0.45.57 linux-image-4.8.0-45-generic 4.8.0-45.48 linux-image-generic-lpae 4.8.0.45.57 linux-image-4.8.0-1032-raspi2 4.8.0-1032.35 linux-image-4.8.0-45-powerpc-smp 4.8.0-45.48 linux-image-4.8.0-45-lowlatency 4.8.0-45.48 linux-image-lowlatency 4.8.0.45.57 linux-image-raspi2 4.8.0.1032.36 To [ more… ]

No Image

USN-3249-1: Linux kernel vulnerability

2017-03-30 KENNETH 0

USN-3249-1: Linux kernel vulnerability Ubuntu Security Notice USN-3249-1 29th March, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke – Linux kernel for Google Container Engine (GKE) systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon Processors Details It was discovered that the xfrm framework for transforming packets in theLinux kernel did not properly validate data received from user space. Alocal attacker could use this to cause a denial of service (system crash)or execute arbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to [ more… ]

No Image

USN-3248-1: Linux kernel vulnerability

2017-03-30 KENNETH 0

USN-3248-1: Linux kernel vulnerability Ubuntu Security Notice USN-3248-1 29th March, 2017 linux, linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel linux-ti-omap4 – Linux kernel for OMAP4 Details It was discovered that the xfrm framework for transforming packets in theLinux kernel did not properly validate data received from user space. Alocal attacker could use this to cause a denial of service (system crash)or execute arbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-powerpc-smp 3.2.0.125.140 linux-image-3.2.0-125-generic-pae 3.2.0-125.168 linux-image-omap4 3.2.0.1503.98 linux-image-3.2.0-125-powerpc64-smp 3.2.0-125.168 linux-image-generic 3.2.0.125.140 linux-image-3.2.0-125-virtual 3.2.0-125.168 linux-image-generic-pae 3.2.0.125.140 linux-image-highbank 3.2.0.125.140 linux-image-3.2.0-125-generic 3.2.0-125.168 linux-image-3.2.0-125-omap 3.2.0-125.168 linux-image-3.2.0-125-powerpc-smp 3.2.0-125.168 linux-image-powerpc64-smp 3.2.0.125.140 linux-image-omap [ more… ]

No Image

USN-3250-1: Linux kernel vulnerability

2017-03-30 KENNETH 0

USN-3250-1: Linux kernel vulnerability Ubuntu Security Notice USN-3250-1 29th March, 2017 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary The system could be made to crash or run programs as an administrator. Software description linux – Linux kernel Details It was discovered that the xfrm framework for transforming packets in theLinux kernel did not properly validate data received from user space. Alocal attacker could use this to cause a denial of service (system crash)or execute arbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-powerpc-smp 3.13.0.115.125 linux-image-powerpc-e500mc 3.13.0.115.125 linux-image-3.13.0-115-powerpc64-smp 3.13.0-115.162 linux-image-3.13.0-115-lowlatency 3.13.0-115.162 linux-image-3.13.0-115-generic 3.13.0-115.162 linux-image-generic 3.13.0.115.125 linux-image-3.13.0-115-generic-lpae 3.13.0-115.162 linux-image-3.13.0-115-powerpc-e500mc 3.13.0-115.162 linux-image-3.13.0-115-powerpc-e500 3.13.0-115.162 linux-image-powerpc-e500 3.13.0.115.125 linux-image-powerpc64-smp 3.13.0.115.125 linux-image-generic-lpae 3.13.0.115.125 linux-image-3.13.0-115-powerpc-smp 3.13.0-115.162 linux-image-lowlatency 3.13.0.115.125 To update your system, [ more… ]