what you don't know can hurt you
Showing 76 - 100 of 5,049 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2020-04-06
Ubuntu Security Notice USN-4253-2
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-2 - USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14615
MD5 | 0c72b2293c4c2b0d61b5955e9d5033bc
Ubuntu Security Notice USN-4257-1
Posted Jan 29, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4257-1 - It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An unauthenticated remote attacker with network access via Kerberos could possibly use this issue to insert, modify or obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-2583, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE-2020-2655, CVE-2020-2659
MD5 | e3e0f6612822b994852fa89d37c95de8
Ubuntu Security Notice USN-4236-3
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4236-3 - USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-13627
MD5 | fb79ae85724fe7b85ee0f0b04bf2523b
Ubuntu Security Notice USN-4256-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4256-1 - It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-19906
MD5 | da2ac3b5c57fadeeb1b734bcfafb3e3c
Ubuntu Security Notice USN-4254-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4254-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332
MD5 | 897b5af454c7bd1c524507330aa6f2df
Ubuntu Security Notice USN-4255-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4255-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615, CVE-2020-7053
MD5 | 8355331a9fdcb46e17fbb4c2ba7a86a6
Ubuntu Security Notice USN-4253-1
Posted Jan 28, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4253-1 - It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-14615
MD5 | 7ecbce4e5ad782dcc2089c7132463cbe
Ubuntu Security Notice USN-4252-2
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-2 - USN-4252-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | d3212aa18e1bf406166c4bdd340b5096
Ubuntu Security Notice USN-4252-1
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4252-1 - Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16808, CVE-2018-14462, CVE-2018-14466, CVE-2018-14470, CVE-2018-14882, CVE-2018-16230, CVE-2018-19519
MD5 | e3de9f6ac9cf4c263cae32925ace5430
Ubuntu Security Notice USN-4250-1
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4250-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.19 in Ubuntu 19.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.29. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-2570, CVE-2020-2577, CVE-2020-2589, CVE-2020-2686
MD5 | c7ccf5650708a9d479699794a6821fe7
Ubuntu Security Notice USN-4251-1
Posted Jan 27, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4251-1 - It was discovered that Tomcat incorrectly handled the RMI registry when configured with the JMX Remote Lifecycle Listener. A local attacker could possibly use this issue to obtain credentials and gain complete control over the Tomcat instance. It was discovered that Tomcat incorrectly handled FORM authentication. A remote attacker could possibly use this issue to perform a session fixation attack. Various other issues were also addressed.

tags | advisory, remote, local, registry
systems | linux, ubuntu
advisories | CVE-2019-12418, CVE-2019-17563
MD5 | 814d8cfa779825aef578ee7c98213d00
Ubuntu Security Notice USN-4230-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4230-2 - USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-15961
MD5 | ee62c4b91fc0f574cddd78882d3366cb
Ubuntu Security Notice USN-4233-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4233-2 - USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1 priority strings that can be used to temporarily re-enable SHA1 until certificates can be replaced with a stronger algorithm. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
MD5 | 3cb4a47fc0d2acdd26877ed4af38a62a
Ubuntu Security Notice USN-4247-3
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-3 - USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
MD5 | 365b223712a9ad320b2c991a605088bb
Ubuntu Security Notice USN-4249-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4249-1 - It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-5188
MD5 | 67193cdbe5e371aaa205df5eced9af67
Ubuntu Security Notice USN-4247-2
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-2 - USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations. Various other issues were also addressed.

tags | advisory, remote, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
MD5 | a668be287b5e157bce5f39c0a1d59049
Ubuntu Security Notice USN-4246-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4246-1 - It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
MD5 | cabd1479de5aab731a0faa7bd655105f
Ubuntu Security Notice USN-4248-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4248-1 - It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16545, CVE-2017-17500, CVE-2017-17782
MD5 | 6a9306c08a7604c5af189bd2870f97fb
Ubuntu Security Notice USN-4247-1
Posted Jan 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4247-1 - It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. It was discovered that python-apt could install packages from untrusted repositories, contrary to expectations.

tags | advisory, remote, python
systems | linux, ubuntu
advisories | CVE-2019-15795, CVE-2019-15796
MD5 | 76064752524acb706f08463d1b0ee758
Ubuntu Security Notice USN-4245-1
Posted Jan 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4245-1 - It was discovered that PySAML2 incorrectly handled certain SAML files. An attacker could possibly use this issue to bypass signature verification with arbitrary data.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-5390
MD5 | 930e89bc3b6e8746a3917ed4d9a3ead0
Ubuntu Security Notice USN-4244-1
Posted Jan 21, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4244-1 - It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. Robert Święcki discovered that Samba incorrectly handled certain character conversions when the log level is set to 3 or above. In certain environments, a remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2019-14902, CVE-2019-14907, CVE-2019-19344
MD5 | 4bef110f36ac773e4fbc19cacb12e088
Ubuntu Security Notice USN-4243-1
Posted Jan 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4243-1 - It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. It was discovered that libbsd incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2090, CVE-2019-20367
MD5 | 66ca5d86b1d1fedeb88a40a3371f9f80
Ubuntu Security Notice USN-4242-1
Posted Jan 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4242-1 - It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-16167, CVE-2019-19725
MD5 | fb139dcc049601b2e63b80b43e677bca
Ubuntu Security Notice USN-4225-2
Posted Jan 18, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4225-2 - USN-4225-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS. It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-14895, CVE-2019-16231, CVE-2019-18660, CVE-2019-18813, CVE-2019-19045, CVE-2019-19051, CVE-2019-19052, CVE-2019-19055, CVE-2019-19072, CVE-2019-19524, CVE-2019-19529, CVE-2019-19534
MD5 | 2d5ceaa9194d6f63659fa747cf422d27
Ubuntu Security Notice USN-4241-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4241-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 3610655eb691555973e60450f99803ce
Page 4 of 202
Back23456Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close