星球

Blog:Ubuntu security notices


最後更新: 2016/10/4 19:54:36
RSS | RDF | ATOM

USN-3094-1: Systemd vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3094-1


29th September, 2016


systemd vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS





Summary


The system could be made unavailable under certain conditions.





Software description





  • systemd
    - system and service manager







Details


Andrew Ayer discovered that Systemd improperly handled zero-length
notification messages. A local unprivileged attacker could use
this to cause a denial of service (init crash leading to system
unavailability).



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




systemd

229-4ubuntu10






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




LP: 1628687


USN-3093-1: ClamAV vulnerabilities

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3093-1


28th September, 2016


clamav vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


ClamAV could be made to crash or run programs if it processed a specially
crafted file.





Software description





  • clamav
    - Anti-virus utility for Unix











Details


It was discovered that ClamAV incorrectly handled certain malformed files.
A remote attacker could use this issue to cause ClamAV to crash, resulting
in a denial of service, or possibly execute arbitrary code.



In the default installation, attackers would be isolated by the ClamAV
AppArmor profile.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




clamav

0.99.2+dfsg-0ubuntu0.16.04.1





Ubuntu 14.04 LTS:




clamav

0.99.2+addedllvm-0ubuntu0.14.04.1





Ubuntu 12.04 LTS:




clamav

0.99.2+addedllvm-0ubuntu0.12.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.





References




CVE-2016-1371,

CVE-2016-1372,

CVE-2016-1405


USN-3092-1: Samba vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3092-1


28th September, 2016


samba vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS





Summary


Samba could be tricked into connecting to impersonated servers.





Software description





  • samba
    - SMB/CIFS file, print, and login server for Unix









Details


Stefan Metzmacher discovered that Samba incorrectly handled certain flags
in SMB2/3 client connections. A remote attacker could use this issue to
disable client signing and impersonate servers by performing a man in the
middle attack.



Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
In addition to the security fix, the updated packages contain bug fixes,
new features, and possibly incompatible changes.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




samba

2:4.3.11+dfsg-0ubuntu0.16.04.1





Ubuntu 14.04 LTS:




samba

2:4.3.11+dfsg-0ubuntu0.14.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.





References




CVE-2016-2119


USN-3090-2: Pillow regresssion

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3090-2


30th September, 2016


Pillow regression


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 14.04 LTS







Software description





  • pillow
    - Python Imaging Library compatibility layer







Details


USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix CVE-2014-9601
caused a regression which resulted in failures when processing certain
png images. This update temporarily reverts the security fix for CVE-2014-9601
pending further investigation.



We apologize for the inconvenience.



Original advisory details:



It was discovered that a flaw in processing a compressed text chunk in
a PNG image could cause the image to have a large size when decompressed,
potentially leading to a denial of service. (CVE-2014-9601)



Andrew Drake discovered that Pillow incorrectly validated input. A remote
attacker could use this to cause Pillow to crash, resulting in a denial
of service. (CVE-2014-3589)



Eric Soroos discovered that Pillow incorrectly handled certain malformed
FLI, Tiff, and PhotoCD files. A remote attacker could use this issue to
cause Pillow to crash, resulting in a denial of service.
(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 14.04 LTS:




python-imaging

2.3.0-1ubuntu3.3






python3-pil

2.3.0-1ubuntu3.3






python-pil

2.3.0-1ubuntu3.3






python3-imaging

2.3.0-1ubuntu3.3






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


None





References




CVE-2014-9601,

LP: 1628351


USN-3090-1: Pillow vulnerabilities

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3090-1


27th September, 2016


Pillow vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 14.04 LTS





Summary


Pillow could be made to crash if it received specially crafted input or opened
a specially crafted file.





Software description





  • pillow
    - Python Imaging Library compatibility layer







Details



It was discovered that a flaw in processing a compressed text chunk in
a PNG image could cause the image to have a large size when decompressed,
potentially leading to a denial of service. (CVE-2014-9601)



Andrew Drake discovered that Pillow incorrectly validated input. A remote
attacker could use this to cause Pillow to crash, resulting in a denial
of service. (CVE-2014-3589)



Eric Soroos discovered that Pillow incorrectly handled certain malformed
FLI, Tiff, and PhotoCD files. A remote attacker could use this issue to
cause Pillow to crash, resulting in a denial of service.
(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)





Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 14.04 LTS:




python-imaging

2.3.0-1ubuntu3.2






python3-pil

2.3.0-1ubuntu3.2






python-pil

2.3.0-1ubuntu3.2






python3-imaging

2.3.0-1ubuntu3.2






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2014-3589,

CVE-2014-9601,

CVE-2016-0740,

CVE-2016-0775,

CVE-2016-2533


USN-3089-1: Django vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3089-1


27th September, 2016


python-django vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Django could be made to set arbitrary cookies.





Software description





  • python-django
    - High-level Python web development framework











Details


Sergey Bobrov discovered that Django incorrectly parsed cookies when being
used with Google Analytics. A remote attacker could possibly use this issue
to set arbitrary cookies leading to a CSRF protection bypass.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




python3-django

1.8.7-1ubuntu5.2






python-django

1.8.7-1ubuntu5.2





Ubuntu 14.04 LTS:




python-django

1.6.1-2ubuntu0.15





Ubuntu 12.04 LTS:




python-django

1.3.1-4ubuntu1.21






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2016-7401


USN-3088-1: Bind vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3088-1


27th September, 2016


bind9 vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Bind could be made to crash if it received specially crafted network
traffic.





Software description





  • bind9
    - Internet Domain Name Server











Details


It was discovered that Bind incorrectly handled building responses to
certain specially crafted requests. A remote attacker could possibly use
this issue to cause Bind to crash, resulting in a denial of service.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




bind9

1:9.10.3.dfsg.P4-8ubuntu1.1





Ubuntu 14.04 LTS:




bind9

1:9.9.5.dfsg-3ubuntu0.9





Ubuntu 12.04 LTS:




bind9

1:9.8.1.dfsg.P1-4ubuntu0.17






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2016-2776


USN-3087-2: OpenSSL regression

2016/9/24 4:42:54 | Ubuntu security notices

Ubuntu Security Notice USN-3087-2


23rd September, 2016


openssl regression


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


USN-3087-1 introduced a regression in OpenSSL.





Software description





  • openssl
    - Secure Socket Layer (SSL) cryptographic library and tools











Details


USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was
incomplete and caused a regression when parsing certificates. This update
fixes the problem.



We apologize for the inconvenience.



Original advisory details:



Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request
extension. A remote attacker could possibly use this issue to cause memory
consumption, resulting in a denial of service. (CVE-2016-6304)

Guido Vranken discovered that OpenSSL used undefined behaviour when
performing pointer arithmetic. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue has only been addressed in Ubuntu 16.04 LTS in this update.
(CVE-2016-2177)

César Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL
did not properly use constant-time operations when performing DSA signing.
A remote attacker could possibly use this issue to perform a cache-timing
attack and recover private DSA keys. (CVE-2016-2178)

Quan Luo discovered that OpenSSL did not properly restrict the lifetime
of queue entries in the DTLS implementation. A remote attacker could
possibly use this issue to consume memory, resulting in a denial of
service. (CVE-2016-2179)

Shi Lei discovered that OpenSSL incorrectly handled memory in the
TS_OBJ_print_bio() function. A remote attacker could possibly use this
issue to cause a denial of service. (CVE-2016-2180)

It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay
feature. A remote attacker could possibly use this issue to cause a denial
of service. (CVE-2016-2181)

Shi Lei discovered that OpenSSL incorrectly validated division results. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-2182)

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES
ciphers were vulnerable to birthday attacks. A remote attacker could
possibly use this flaw to obtain clear text data from long encrypted
sessions. This update moves DES from the HIGH cipher list to MEDIUM.
(CVE-2016-2183)

Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths.
A remote attacker could use this issue to cause a denial of service.
(CVE-2016-6302)

Shi Lei discovered that OpenSSL incorrectly handled memory in the
MDC2_Update() function. A remote attacker could possibly use this issue to
cause a denial of service. (CVE-2016-6303)

Shi Lei discovered that OpenSSL incorrectly performed certain message
length checks. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2016-6306)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




libssl1.0.0

1.0.2g-1ubuntu4.5





Ubuntu 14.04 LTS:




libssl1.0.0

1.0.1f-1ubuntu2.21





Ubuntu 12.04 LTS:




libssl1.0.0

1.0.1-4ubuntu5.38






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




LP: 1626883


USN-3087-1: OpenSSL vulnerabilities

2016/9/24 4:42:54 | Ubuntu security notices

Ubuntu Security Notice USN-3087-1


22nd September, 2016


openssl vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Several security issues were fixed in OpenSSL.





Software description





  • openssl
    - Secure Socket Layer (SSL) cryptographic library and tools











Details


Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request
extension. A remote attacker could possibly use this issue to cause memory
consumption, resulting in a denial of service. (CVE-2016-6304)



Guido Vranken discovered that OpenSSL used undefined behaviour when
performing pointer arithmetic. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue has only been addressed in Ubuntu 16.04 LTS in this update.
(CVE-2016-2177)



César Pereida, Billy Brumley, and Yuval Yarom discovered that OpenSSL
did not properly use constant-time operations when performing DSA signing.
A remote attacker could possibly use this issue to perform a cache-timing
attack and recover private DSA keys. (CVE-2016-2178)



Quan Luo discovered that OpenSSL did not properly restrict the lifetime
of queue entries in the DTLS implementation. A remote attacker could
possibly use this issue to consume memory, resulting in a denial of
service. (CVE-2016-2179)



Shi Lei discovered that OpenSSL incorrectly handled memory in the
TS_OBJ_print_bio() function. A remote attacker could possibly use this
issue to cause a denial of service. (CVE-2016-2180)



It was discovered that the OpenSSL incorrectly handled the DTLS anti-replay
feature. A remote attacker could possibly use this issue to cause a denial
of service. (CVE-2016-2181)



Shi Lei discovered that OpenSSL incorrectly validated division results. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2016-2182)



Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES
ciphers were vulnerable to birthday attacks. A remote attacker could
possibly use this flaw to obtain clear text data from long encrypted
sessions. This update moves DES from the HIGH cipher list to MEDIUM.
(CVE-2016-2183)



Shi Lei discovered that OpenSSL incorrectly handled certain ticket lengths.
A remote attacker could use this issue to cause a denial of service.
(CVE-2016-6302)



Shi Lei discovered that OpenSSL incorrectly handled memory in the
MDC2_Update() function. A remote attacker could possibly use this issue to
cause a denial of service. (CVE-2016-6303)



Shi Lei discovered that OpenSSL incorrectly performed certain message
length checks. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2016-6306)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




libssl1.0.0

1.0.2g-1ubuntu4.4





Ubuntu 14.04 LTS:




libssl1.0.0

1.0.1f-1ubuntu2.20





Ubuntu 12.04 LTS:




libssl1.0.0

1.0.1-4ubuntu5.37






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to reboot your computer to make
all the necessary changes.





References




CVE-2016-2177,

CVE-2016-2178,

CVE-2016-2179,

CVE-2016-2180,

CVE-2016-2181,

CVE-2016-2182,

CVE-2016-2183,

CVE-2016-6302,

CVE-2016-6303,

CVE-2016-6304,

CVE-2016-6306


USN-3086-1: Irssi vulnerabilities

2016/9/24 4:42:54 | Ubuntu security notices

Ubuntu Security Notice USN-3086-1


21st September, 2016


irssi vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS





Summary


Irssi could be made to crash if it received specially crafted network
traffic.





Software description





  • irssi
    - terminal based IRC client







Details


Gabriel Campana and Adrien Guinet discovered that the format parsing code
in Irssi did not properly verify 24bit color codes. A remote attacker could
use this to cause a denial of service (application crash). (CVE-2016-7044)



Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed
in the format parsing code in Irssi. A remote attacker could use this to
cause a denial of service (application crash). (CVE-2016-7045)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




irssi

0.8.19-1ubuntu1.2






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to restart Irssi to make
all the necessary changes.





References




CVE-2016-7044,

CVE-2016-7045