========================================================================== Ubuntu Security Notice USN-3895-1 February 26, 2019 ldb vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: LDB could be made to crash if it received specially crafted network traffic. Software Description: - ldb: LDAP-like embedded database - tools Details: It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libldb1 2:1.4.0+really1.3.5-2ubuntu0.1 Ubuntu 18.04 LTS: libldb1 2:1.2.3-1ubuntu0.1 Ubuntu 16.04 LTS: libldb1 2:1.1.24-1ubuntu3.1 Ubuntu 14.04 LTS: libldb1 1:1.1.24-0ubuntu0.14.04.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3895-1 CVE-2019-3824 Package Information: https://launchpad.net/ubuntu/+source/ldb/2:1.4.0+really1.3.5-2ubuntu0.1 https://launchpad.net/ubuntu/+source/ldb/2:1.2.3-1ubuntu0.1 https://launchpad.net/ubuntu/+source/ldb/2:1.1.24-1ubuntu3.1 https://launchpad.net/ubuntu/+source/ldb/1:1.1.24-0ubuntu0.14.04.2