Category Archives: Ubuntu

Ubuntu Security Notices

USN-3246-1: Eject vulnerability

Ubuntu Security Notice USN-3246-1

27th March, 2017

eject vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Eject could be made to run programs as an administrator.

Software description

  • eject
    – ejects CDs and operates CD-Changers under Linux

Details

Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid
and setgid return values. A local attacker could use this issue to execute code
as an administrator.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
eject

2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1
Ubuntu 16.04 LTS:
eject

2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1
Ubuntu 14.04 LTS:
eject

2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1
Ubuntu 12.04 LTS:
eject

2.1.5+deb1+cvs20081104-9ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-6964

USN-3245-1: GStreamer Good Plugins vulnerabilities

Ubuntu Security Notice USN-3245-1

27th March, 2017

gst-plugins-good0.10, gst-plugins-good1.0 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

GStreamer Good Plugins could be made to crash if it opened a specially
crafted file.

Software description

  • gst-plugins-good0.10
    – GStreamer plugins

  • gst-plugins-good1.0
    – GStreamer plugins

Details

Hanno Böck discovered that GStreamer Good Plugins did not correctly handle
certain malformed media files. If a user were tricked into opening a
crafted media file with a GStreamer application, an attacker could cause a
denial of service via application crash.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
gstreamer1.0-plugins-good

1.8.3-1ubuntu1.3
Ubuntu 16.04 LTS:
gstreamer1.0-plugins-good

1.8.3-1ubuntu0.4
Ubuntu 14.04 LTS:
gstreamer0.10-plugins-good

0.10.31-3+nmu1ubuntu5.3
gstreamer1.0-plugins-good

1.2.4-1~ubuntu1.4
Ubuntu 12.04 LTS:
gstreamer0.10-plugins-good

0.10.31-1ubuntu1.5

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-10198,

CVE-2016-10199,

CVE-2017-5840,

CVE-2017-5841,

CVE-2017-5845

USN-3233-1: Thunderbird vulnerabilities

Ubuntu Security Notice USN-3233-1

24th March, 2017

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

  • thunderbird
    – Mozilla Open Source mail and newsgroup client

Details

Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to bypass same origin
restrictions, obtain sensitive information, cause a denial of service via
application crash or hang, or execute arbitrary code. (CVE-2017-5398,
CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405,
CVE-2017-5407, CVE-2017-5408, CVE-2017-5410)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
thunderbird

1:45.8.0+build1-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
thunderbird

1:45.8.0+build1-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
thunderbird

1:45.8.0+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
thunderbird

1:45.8.0+build1-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References

CVE-2017-5398,

CVE-2017-5400,

CVE-2017-5401,

CVE-2017-5402,

CVE-2017-5404,

CVE-2017-5405,

CVE-2017-5407,

CVE-2017-5408,

CVE-2017-5410

USN-3239-3: GNU C Library regression

Ubuntu Security Notice USN-3239-3

24th March, 2017

eglibc regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

USN-3239-1 introduced a regression in the GNU C Library.

Software description

  • eglibc
    – GNU C Library

Details

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately,
the fix for CVE-2016-3706 introduced a regression that in some
circumstances prevented IPv6 addresses from resolving. This update
reverts the change in Ubuntu 12.04 LTS. We apologize for the error.

Original advisory details:

It was discovered that the GNU C Library incorrectly handled the
strxfrm() function. An attacker could use this issue to cause a denial
of service or possibly execute arbitrary code. This issue only affected
Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)

It was discovered that an integer overflow existed in the
_IO_wstr_overflow() function of the GNU C Library. An attacker could
use this to cause a denial of service or possibly execute arbitrary
code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04
LTS. (CVE-2015-8983)

It was discovered that the fnmatch() function in the GNU C Library
did not properly handle certain malformed patterns. An attacker could
use this to cause a denial of service. This issue only affected Ubuntu
12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)

Alexander Cherepanov discovered a stack-based buffer overflow in the
glob implementation of the GNU C Library. An attacker could use this
to specially craft a directory layout and cause a denial of service.
(CVE-2016-1234)

Michael Petlan discovered an unbounded stack allocation in the
getaddrinfo() function of the GNU C Library. An attacker could use
this to cause a denial of service. (CVE-2016-3706)

Aldy Hernandez discovered an unbounded stack allocation in the sunrpc
implementation in the GNU C Library. An attacker could use this to
cause a denial of service. (CVE-2016-4429)

Tim Ruehsen discovered that the getaddrinfo() implementation in the
GNU C Library did not properly track memory allocations. An attacker
could use this to cause a denial of service. This issue only affected
Ubuntu 16.04 LTS. (CVE-2016-5417)

Andreas Schwab discovered that the GNU C Library on ARM 32-bit
platforms did not properly set up execution contexts. An attacker
could use this to cause a denial of service. (CVE-2016-6323)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libc6

2.15-0ubuntu10.18

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://bugs.launchpad.net/bugs/1674776

USN-3243-1: Git vulnerability

Ubuntu Security Notice USN-3243-1

23rd March, 2017

git vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Git could be made to run programs as your login if it explored a specially
crafted repository.

Software description

  • git
    – fast, scalable, distributed revision control system

Details

It was discovered that Git incorrectly sanitized branch names in the PS1
variable when configured to display the repository status in the shell
prompt. If a user were tricked into exploring a malicious repository, a
remote attacker could use this issue to execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
git

1:1.9.1-1ubuntu0.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-9938

USN-3242-1: Samba vulnerability

Ubuntu Security Notice USN-3242-1

23rd March, 2017

samba vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Samba could be made to expose sensitive information over the network.

Software description

  • samba
    – SMB/CIFS file, print, and login server for Unix

Details

Jann Horn discovered that Samba incorrectly handled symlinks. An
authenticated remote attacker could use this issue to access files on the
server outside of the exported directories.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
samba

2:4.4.5+dfsg-2ubuntu5.4
Ubuntu 16.04 LTS:
samba

2:4.3.11+dfsg-0ubuntu0.16.04.5
Ubuntu 14.04 LTS:
samba

2:4.3.11+dfsg-0ubuntu0.14.04.6
Ubuntu 12.04 LTS:
samba

2:3.6.25-0ubuntu0.12.04.9

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-2619

USN-3241-1: audiofile vulnerabilities

Ubuntu Security Notice USN-3241-1

22nd March, 2017

audiofile vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

audiofile could be made to crash or run programs if it opened a specially
crafted file.

Software description

  • audiofile
    – Open-source version of the SGI audiofile library

Details

Agostino Sarubbo discovered that audiofile incorrectly handled certain
malformed audio files. If a user or automated system were tricked into
processing a specially crafted audio file, a remote attacker could cause
applications linked against audiofile to crash, leading to a denial of
service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
libaudiofile1

0.3.6-2ubuntu0.14.04.2
Ubuntu 12.04 LTS:
libaudiofile1

0.3.3-2ubuntu0.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-6827,

CVE-2017-6828,

CVE-2017-6829,

CVE-2017-6830,

CVE-2017-6831,

CVE-2017-6832,

CVE-2017-6833,

CVE-2017-6834,

CVE-2017-6835,

CVE-2017-6836,

CVE-2017-6837,

CVE-2017-6838,

CVE-2017-6839

USN-3239-2: GNU C Library Regression

Ubuntu Security Notice USN-3239-2

21st March, 2017

eglibc, glibc regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

USN-3239-1 introduced a regression in the GNU C Library.

Software description

  • eglibc
    – GNU C Library

  • glibc
    – GNU C Library

Details

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately,
the fix for CVE-2015-5180 introduced an internal ABI change within
the resolver library. This update reverts the change. We apologize
for the inconvenience.

Please note that long-running services that were restarted to compensate
for the USN-3239-1 update may need to be restarted again.

Original advisory details:

It was discovered that the GNU C Library incorrectly handled the
strxfrm() function. An attacker could use this issue to cause a denial
of service or possibly execute arbitrary code. This issue only affected
Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)

It was discovered that an integer overflow existed in the
_IO_wstr_overflow() function of the GNU C Library. An attacker could
use this to cause a denial of service or possibly execute arbitrary
code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04
LTS. (CVE-2015-8983)

It was discovered that the fnmatch() function in the GNU C Library
did not properly handle certain malformed patterns. An attacker could
use this to cause a denial of service. This issue only affected Ubuntu
12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)

Alexander Cherepanov discovered a stack-based buffer overflow in the
glob implementation of the GNU C Library. An attacker could use this
to specially craft a directory layout and cause a denial of service.
(CVE-2016-1234)

Florian Weimer discovered a NULL pointer dereference in the DNS
resolver of the GNU C Library. An attacker could use this to cause
a denial of service. (CVE-2015-5180)

Michael Petlan discovered an unbounded stack allocation in the
getaddrinfo() function of the GNU C Library. An attacker could use
this to cause a denial of service. (CVE-2016-3706)

Aldy Hernandez discovered an unbounded stack allocation in the sunrpc
implementation in the GNU C Library. An attacker could use this to
cause a denial of service. (CVE-2016-4429)

Tim Ruehsen discovered that the getaddrinfo() implementation in the
GNU C Library did not properly track memory allocations. An attacker
could use this to cause a denial of service. This issue only affected
Ubuntu 16.04 LTS. (CVE-2016-5417)

Andreas Schwab discovered that the GNU C Library on ARM 32-bit
platforms did not properly set up execution contexts. An attacker
could use this to cause a denial of service. (CVE-2016-6323)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
libc6

2.23-0ubuntu7
Ubuntu 14.04 LTS:
libc6

2.19-0ubuntu6.11
Ubuntu 12.04 LTS:
libc6

2.15-0ubuntu10.17

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://bugs.launchpad.net/bugs/1674532

USN-3237-1: FreeType vulnerability

Ubuntu Security Notice USN-3237-1

20th March, 2017

freetype vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

FreeType could be made to crash or run programs if it opened a specially
crafted font file.

Software description

  • freetype
    – FreeType 2 is a font engine library

Details

It was discovered that FreeType did not correctly handle certain malformed
font files. If a user were tricked into using a specially crafted font
file, a remote attacker could cause FreeType to crash, resulting in a
denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
libfreetype6

2.6.3-3ubuntu1.1
Ubuntu 16.04 LTS:
libfreetype6

2.6.1-0.1ubuntu2.1
Ubuntu 14.04 LTS:
libfreetype6

2.5.2-1ubuntu2.6
Ubuntu 12.04 LTS:
libfreetype6

2.4.8-1ubuntu2.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make
all the necessary changes.

References

CVE-2016-10244

USN-3238-1: Firefox vulnerability

Ubuntu Security Notice USN-3238-1

20th March, 2017

firefox vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

An integer overflow was discovered in Firefox.

Software description

  • firefox
    – Mozilla Open Source web browser

Details

An integer overflow was discovered in Firefox. If a user were tricked in
to opening a specially crafted website, an attacker could exploit this to
cause a denial of service via application crash or execute arbitrary code.
(CVE-2017-5428)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
firefox

52.0.1+build2-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
firefox

52.0.1+build2-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
firefox

52.0.1+build2-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox

52.0.1+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2017-5428