========================================================================== Ubuntu Security Notice USN-4004-1 June 04, 2019 db5.3 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Berkeley DB could be made to expose sensitive information. Software Description: - db5.3: Berkeley DB Utilities Details: It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: db5.3-sql-util 5.3.28+dfsg1-0.5ubuntu0.1 db5.3-util 5.3.28+dfsg1-0.5ubuntu0.1 libdb5.3 5.3.28+dfsg1-0.5ubuntu0.1 libdb5.3-sql 5.3.28+dfsg1-0.5ubuntu0.1 libdb5.3-sql-dev 5.3.28+dfsg1-0.5ubuntu0.1 Ubuntu 18.10: db5.3-sql-util 5.3.28+dfsg1-0.1ubuntu0.1 db5.3-util 5.3.28+dfsg1-0.1ubuntu0.1 libdb5.3 5.3.28+dfsg1-0.1ubuntu0.1 libdb5.3-sql 5.3.28+dfsg1-0.1ubuntu0.1 libdb5.3-sql-dev 5.3.28+dfsg1-0.1ubuntu0.1 Ubuntu 18.04 LTS: db5.3-sql-util 5.3.28-13.1ubuntu1.1 db5.3-util 5.3.28-13.1ubuntu1.1 libdb5.3 5.3.28-13.1ubuntu1.1 libdb5.3-sql 5.3.28-13.1ubuntu1.1 libdb5.3-sql-dev 5.3.28-13.1ubuntu1.1 Ubuntu 16.04 LTS: db5.3-sql-util 5.3.28-11ubuntu0.2 db5.3-util 5.3.28-11ubuntu0.2 libdb5.3 5.3.28-11ubuntu0.2 libdb5.3-sql 5.3.28-11ubuntu0.2 libdb5.3-sql-dev 5.3.28-11ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-4004-1 CVE-2019-8457 Package Information: https://launchpad.net/ubuntu/+source/db5.3/5.3.28+dfsg1-0.5ubuntu0.1 https://launchpad.net/ubuntu/+source/db5.3/5.3.28+dfsg1-0.1ubuntu0.1 https://launchpad.net/ubuntu/+source/db5.3/5.3.28-13.1ubuntu1.1 https://launchpad.net/ubuntu/+source/db5.3/5.3.28-11ubuntu0.2