Category Archives: Ubuntu

Ubuntu Security Notices

Ubuntu

USN-2348-1: APT vulnerabilities

Ubuntu Security Notice USN-2348-1

16th September, 2014

apt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in APT.

Software description

  • apt
    – Advanced front-end for dpkg

Details

It was discovered that APT did not re-verify downloaded files when the
If-Modified-Since wasn’t met. (CVE-2014-0487)

It was discovered that APT did not invalidate repository data when it
switched from an unauthenticated to an authenticated state. (CVE-2014-0488)

It was discovered that the APT Acquire::GzipIndexes option caused APT to
skip checksum validation. This issue only applied to Ubuntu 12.04 LTS and
Ubuntu 14.04 LTS, and was not enabled by default. (CVE-2014-0489)

It was discovered that APT did not correctly validate signatures when
manually downloading packages using the download command. This issue only
applied to Ubuntu 12.04 LTS. (CVE-2014-0490)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
apt

1.0.1ubuntu2.3
Ubuntu 12.04 LTS:
apt

0.8.16~exp12ubuntu10.19
Ubuntu 10.04 LTS:
apt

0.7.25.3ubuntu9.16

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-0487,

CVE-2014-0488,

CVE-2014-0489,

CVE-2014-0490

Ubuntu

USN-2347-1: Django vulnerabilities

Ubuntu Security Notice USN-2347-1

16th September, 2014

python-django vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in Django.

Software description

  • python-django
    – High-level Python web development framework

Details

Florian Apolloner discovered that Django incorrectly validated URLs. A
remote attacker could use this issue to conduct phishing attacks.
(CVE-2014-0480)

David Wilson discovered that Django incorrectly handled file name
generation. A remote attacker could use this issue to cause Django to
consume resources, resulting in a denial of service. (CVE-2014-0481)

David Greisen discovered that Django incorrectly handled certain headers in
contrib.auth.middleware.RemoteUserMiddleware. A remote authenticated user
could use this issue to hijack web sessions. (CVE-2014-0482)

Collin Anderson discovered that Django incorrectly checked if a field
represented a relationship between models in the administrative interface.
A remote authenticated user could use this issue to possibly obtain
sensitive information. (CVE-2014-0483)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
python-django

1.6.1-2ubuntu0.4
Ubuntu 12.04 LTS:
python-django

1.3.1-4ubuntu1.12
Ubuntu 10.04 LTS:
python-django

1.1.1-2ubuntu1.13

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-0480,

CVE-2014-0481,

CVE-2014-0482,

CVE-2014-0483

Ubuntu

USN-2346-1: curl vulnerabilities

Ubuntu Security Notice USN-2346-1

15th September, 2014

curl vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in curl.

Software description

  • curl
    – HTTP, HTTPS, and FTP client and client libraries

Details

Tim Ruehsen discovered that curl incorrectly handled partial literal IP
addresses. This could lead to the disclosure of cookies to the wrong site,
and malicious sites being able to set cookies for others. (CVE-2014-3613)

Tim Ruehsen discovered that curl incorrectly allowed cookies to be set
for Top Level Domains (TLDs). This could allow a malicious site to set a
cookie that gets sent to other sites. (CVE-2014-3620)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
libcurl3-nss

7.35.0-1ubuntu2.1
libcurl3-gnutls

7.35.0-1ubuntu2.1
libcurl3

7.35.0-1ubuntu2.1
Ubuntu 12.04 LTS:
libcurl3-nss

7.22.0-3ubuntu4.10
libcurl3-gnutls

7.22.0-3ubuntu4.10
libcurl3

7.22.0-3ubuntu4.10
Ubuntu 10.04 LTS:
libcurl3-gnutls

7.19.7-1ubuntu1.9
libcurl3

7.19.7-1ubuntu1.9

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-3613,

CVE-2014-3620

Ubuntu

USN-2330-1: Thunderbird vulnerabilities

Ubuntu Security Notice USN-2330-1

11th September, 2014

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

  • thunderbird
    – Mozilla Open Source mail and newsgroup client

Details

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong,
Jesse Ruderman and JW Wang discovered multiple memory safety issues in
Thunderbird. If a user were tricked in to opening a specially crafted
message with scripting enabled, an attacker could potentially exploit
these to cause a denial of service via application crash, or execute
arbitrary code with the privileges of the user invoking Thunderbird.
(CVE-2014-1553, CVE-2014-1562)

Abhishek Arya discovered a use-after-free during DOM interactions with
SVG. If a user were tricked in to opening a specially crafted message
with scripting enabled, an attacker could potentially exploit this to
cause a denial of service via application crash or execute arbitrary code
with the privileges of the user invoking Thunderbird. (CVE-2014-1563)

Michal Zalewski discovered that memory is not initialized properly during
GIF rendering in some circumstances. If a user were tricked in to opening
a specially crafted message, an attacker could potentially exploit this to
steal confidential information. (CVE-2014-1564)

Holger Fuhrmannek discovered an out-of-bounds read in Web Audio. If a
user were tricked in to opening a specially crafted message with scripting
enabled, an attacker could potentially exploit this to cause a denial of
service via application crash or steal confidential information.
(CVE-2014-1565)

A use-after-free was discovered during text layout in some circumstances.
If a user were tricked in to opening a specially crafted message with
scripting enabled, an attacker could potentially exploit this to cause a
denial of service via application crash or execute arbitrary code with
the privileges of the user invoking Thunderbird. (CVE-2014-1567)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
thunderbird

1:31.1.1+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
thunderbird

1:31.1.1+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2014-1553,

CVE-2014-1562,

CVE-2014-1563,

CVE-2014-1564,

CVE-2014-1565,

CVE-2014-1567

Ubuntu

USN-2363-2: Bash vulnerability

Ubuntu Security Notice USN-2363-2

25th September, 2014

bash vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Bash allowed bypassing environment restrictions in certain environments.

Software description

  • bash
    – GNU Bourne Again SHell

Details

USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch
for CVE-2014-7169 didn’t get properly applied in the Ubuntu 14.04 LTS
package. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Tavis Ormandy discovered that the security fix for Bash included in
USN-2362-1 was incomplete. An attacker could use this issue to bypass
certain environment restrictions. (CVE-2014-7169)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
bash

4.3-7ubuntu1.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-7169

Ubuntu

USN-2354-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2354-1

23rd September, 2014

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

Chris Evans reported an flaw in the Linux kernel’s handling of iso9660
(compact disk filesystem) images. An attacker who can mount a custom
iso9660 image either via a CD/DVD drive or a loopback mount could cause a
denial of service (system crash or reboot). (CVE-2014-5471)

Chris Evans reported an flaw in the Linux kernel’s handling of iso9660
(compact disk filesystem) images. An attacker who can mount a custom
iso9660 image, with a self-referential CL entry, either via a CD/DVD drive
or a loopback mount could cause a denial of service (unkillable mount
process). (CVE-2014-5472)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 10.04 LTS:
linux-image-2.6.32-66-lpia

2.6.32-66.132
linux-image-2.6.32-66-generic-pae

2.6.32-66.132
linux-image-2.6.32-66-sparc64

2.6.32-66.132
linux-image-2.6.32-66-ia64

2.6.32-66.132
linux-image-2.6.32-66-386

2.6.32-66.132
linux-image-2.6.32-66-powerpc

2.6.32-66.132
linux-image-2.6.32-66-versatile

2.6.32-66.132
linux-image-2.6.32-66-generic

2.6.32-66.132
linux-image-2.6.32-66-powerpc64-smp

2.6.32-66.132
linux-image-2.6.32-66-preempt

2.6.32-66.132
linux-image-2.6.32-66-powerpc-smp

2.6.32-66.132
linux-image-2.6.32-66-server

2.6.32-66.132
linux-image-2.6.32-66-sparc64-smp

2.6.32-66.132
linux-image-2.6.32-66-virtual

2.6.32-66.132

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2014-5471,

CVE-2014-5472

Ubuntu

USN-2363-1: Bash vulnerability

Ubuntu Security Notice USN-2363-1

25th September, 2014

bash vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Bash allowed bypassing environment restrictions in certain environments.

Software description

  • bash
    – GNU Bourne Again SHell

Details

Tavis Ormandy discovered that the security fix for Bash included in
USN-2362-1 was incomplete. An attacker could use this issue to bypass
certain environment restrictions. (CVE-2014-7169)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
bash

4.3-7ubuntu1.2
Ubuntu 12.04 LTS:
bash

4.2-2ubuntu2.3
Ubuntu 10.04 LTS:
bash

4.1-2ubuntu3.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-7169

Ubuntu

USN-2353-1: APT vulnerability

Ubuntu Security Notice USN-2353-1

23rd September, 2014

apt vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

APT could be made to crash or run programs if it received specially crafted
network traffic.

Software description

  • apt
    – Advanced front-end for dpkg

Details

It was discovered that APT incorrectly handled certain http URLs. If a
remote attacker were able to perform a man-in-the-middle attack, this flaw
could be exploited to cause APT to crash, resulting in a denial of service,
or possibly execute arbitrary code. The default compiler options for
affected releases should reduce the vulnerability to a denial of service.
(CVE-2014-6273)

In addition, this update fixes regressions introduced by the USN-2348-1
security update: APT incorrectly handled file:/// sources on a different
partition, incorrectly handled Dir::state::lists set to a relative path,
and incorrectly handled cdrom: sources.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
apt

1.0.1ubuntu2.4.1
Ubuntu 12.04 LTS:
apt

0.8.16~exp12ubuntu10.20.1
Ubuntu 10.04 LTS:
apt

0.7.25.3ubuntu9.17.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-6273

Ubuntu

USN-2360-2: Thunderbird vulnerabilities

Ubuntu Security Notice USN-2360-2

24th September, 2014

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Fraudulent security certificates could allow sensitive information to
be exposed when accessing the Internet.

Software description

  • thunderbird
    – Mozilla Open Source mail and newsgroup client

Details

USN-2360-1 fixed vulnerabilities in Firefox. This update provides the
corresponding updates for Thunderbird.

Original advisory details:

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled
parsing ASN.1 values. An attacker could use this issue to forge RSA
certificates.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
thunderbird

1:31.1.2+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
thunderbird

1:31.1.2+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2014-1568

Ubuntu

USN-2352-1: DBus vulnerabilities

Ubuntu Security Notice USN-2352-1

22nd September, 2014

dbus vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in DBus.

Software description

  • dbus
    – simple interprocess messaging system

Details

Simon McVittie discovered that DBus incorrectly handled the file
descriptors message limit. A local attacker could use this issue to cause
DBus to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only applied to Ubuntu 12.04 LTS and Ubuntu
14.04 LTS. (CVE-2014-3635)

Alban Crequy discovered that DBus incorrectly handled a large number of
file descriptor messages. A local attacker could use this issue to cause
DBus to stop responding, resulting in a denial of service. This issue only
applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3636)

Alban Crequy discovered that DBus incorrectly handled certain file
descriptor messages. A local attacker could use this issue to cause DBus
to maintain persistent connections, possibly resulting in a denial of
service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2014-3637)

Alban Crequy discovered that DBus incorrectly handled a large number of
parallel connections and parallel message calls. A local attacker could use
this issue to cause DBus to consume resources, possibly resulting in a
denial of service. (CVE-2014-3638)

Alban Crequy discovered that DBus incorrectly handled incomplete
connections. A local attacker could use this issue to cause DBus to fail
legitimate connection attempts, resulting in a denial of service.
(CVE-2014-3639)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
dbus

1.6.18-0ubuntu4.2
libdbus-1-3

1.6.18-0ubuntu4.2
Ubuntu 12.04 LTS:
dbus

1.4.18-1ubuntu1.6
libdbus-1-3

1.4.18-1ubuntu1.6
Ubuntu 10.04 LTS:
dbus

1.2.16-2ubuntu4.8
libdbus-1-3

1.2.16-2ubuntu4.8

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all
the necessary changes.

References

CVE-2014-3635,

CVE-2014-3636,

CVE-2014-3637,

CVE-2014-3638,

CVE-2014-3639