Category Archives: Ubuntu

Ubuntu Security Notices

Ubuntu

USN-2669-1: Bind vulnerability

Ubuntu Security Notice USN-2669-1

7th July, 2015

bind9 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Bind could be made to crash if it received specially crafted network
traffic.

Software description

  • bind9
    – Internet Domain Name Server

Details

Breno Silveira Soares discovered that Bind incorrectly handled certain
zone data when configured to perform DNSSEC validation. A remote attacker
could use this issue with specially crafted zone data to cause Bind to
crash, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
bind9

1:9.9.5.dfsg-9ubuntu0.1
Ubuntu 14.10:
bind9

1:9.9.5.dfsg-4.3ubuntu0.3
Ubuntu 14.04 LTS:
bind9

1:9.9.5.dfsg-3ubuntu0.3
Ubuntu 12.04 LTS:
bind9

1:9.8.1.dfsg.P1-4ubuntu0.11

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-4620

Ubuntu

USN-2658-1: PHP vulnerabilities

Ubuntu Security Notice USN-2658-1

6th July, 2015

php5 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in PHP.

Software description

  • php5
    – HTML-embedded scripting language interpreter

Details

Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL
bytes in file paths. A remote attacker could possibly use this issue to
bypass intended restrictions and create or obtain access to sensitive
files. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026,
CVE-2015-4598)

Emmanuel Law discovered that the PHP phar extension incorrectly handled
filenames starting with a NULL byte. A remote attacker could use this issue
with a crafted tar archive to cause a denial of service. (CVE-2015-4021)

Max Spelsberg discovered that PHP incorrectly handled the LIST command
when connecting to remote FTP servers. A malicious FTP server could
possibly use this issue to execute arbitrary code. (CVE-2015-4022,
CVE-2015-4643)

Shusheng Liu discovered that PHP incorrectly handled certain malformed form
data. A remote attacker could use this issue with crafted form data to
cause CPU consumption, leading to a denial of service. (CVE-2015-4024)

Andrea Palazzo discovered that the PHP Soap client incorrectly validated
data types. A remote attacker could use this issue with crafted serialized
data to possibly execute arbitrary code. (CVE-2015-4147)

Andrea Palazzo discovered that the PHP Soap client incorrectly validated
that the uri property is a string. A remote attacker could use this issue
with crafted serialized data to possibly obtain sensitive information.
(CVE-2015-4148)

Taoguang Chen discovered that PHP incorrectly validated data types in
multiple locations. A remote attacker could possibly use these issues to
obtain sensitive information or cause a denial of service. (CVE-2015-4599,
CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603)

It was discovered that the PHP Fileinfo component incorrectly handled
certain files. A remote attacker could use this issue to cause PHP to
crash, resulting in a denial of service. This issue only affected Ubuntu
15.04. (CVE-2015-4604, CVE-2015-4605)

It was discovered that PHP incorrectly handled table names in
php_pgsql_meta_data. A local attacker could possibly use this issue to
cause PHP to crash, resulting in a denial of service. (CVE-2015-4644)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
php5-cli

5.6.4+dfsg-4ubuntu6.2
php5-cgi

5.6.4+dfsg-4ubuntu6.2
libapache2-mod-php5

5.6.4+dfsg-4ubuntu6.2
php5-fpm

5.6.4+dfsg-4ubuntu6.2
Ubuntu 14.10:
php5-cli

5.5.12+dfsg-2ubuntu4.6
php5-cgi

5.5.12+dfsg-2ubuntu4.6
libapache2-mod-php5

5.5.12+dfsg-2ubuntu4.6
php5-fpm

5.5.12+dfsg-2ubuntu4.6
Ubuntu 14.04 LTS:
php5-cli

5.5.9+dfsg-1ubuntu4.11
php5-cgi

5.5.9+dfsg-1ubuntu4.11
libapache2-mod-php5

5.5.9+dfsg-1ubuntu4.11
php5-fpm

5.5.9+dfsg-1ubuntu4.11
Ubuntu 12.04 LTS:
php5-cli

5.3.10-1ubuntu3.19
php5-cgi

5.3.10-1ubuntu3.19
libapache2-mod-php5

5.3.10-1ubuntu3.19
php5-fpm

5.3.10-1ubuntu3.19

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-3411,

CVE-2015-3412,

CVE-2015-4021,

CVE-2015-4022,

CVE-2015-4024,

CVE-2015-4025,

CVE-2015-4026,

CVE-2015-4147,

CVE-2015-4148,

CVE-2015-4598,

CVE-2015-4599,

CVE-2015-4600,

CVE-2015-4601,

CVE-2015-4602,

CVE-2015-4603,

CVE-2015-4604,

CVE-2015-4605,

CVE-2015-4643,

CVE-2015-4644

Ubuntu

USN-2659-1: cups-filters vulnerabilities

Ubuntu Security Notice USN-2659-1

6th July, 2015

cups-filters vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

cups-filters could be made to crash or run programs as the lp user if it
processed a specially crafted print job.

Software description

  • cups-filters
    – OpenPrinting CUPS Filters

Details

Petr Sklenar discovered that the cups-filters texttopdf filter incorrectly
handled line sizes. A remote attacker could use this issue to cause a
denial of service, or possibly execute arbitrary code as the lp user.
(CVE-2015-3258, CVE-2015-3279)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
cups-filters

1.0.67-0ubuntu2.2
Ubuntu 14.10:
cups-filters

1.0.61-0ubuntu2.3
Ubuntu 14.04 LTS:
cups-filters

1.0.52-0ubuntu1.5
Ubuntu 12.04 LTS:
cups-filters

1.0.18-0ubuntu0.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-3258,

CVE-2015-3279

Ubuntu

USN-2652-1: Oxide vulnerabilities

Ubuntu Security Notice USN-2652-1

30th June, 2015

oxide-qt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Oxide.

Software description

  • oxide-qt
    – Web browser engine library for Qt (QML plugin)

Details

It was discovered that Chromium did not properly consider the scheme when
determining whether a URL is associated with a WebUI SiteInstance. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to bypass security restrictions.
(CVE-2015-1266)

It was discovered that Blink did not properly restrict the creation
context during creation of a DOM wrapper. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to bypass same-origin restrictions. (CVE-2015-1267, CVE-2015-1268)

It was discovered that Chromium did not properly canonicalize DNS hostnames
before comparing to HSTS or HPKP preload entries. An attacker could
potentially exploit this to bypass intended access restrictions.
(CVE-2015-1269)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
liboxideqtcore0

1.7.9-0ubuntu0.15.04.1
Ubuntu 14.10:
liboxideqtcore0

1.7.9-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
liboxideqtcore0

1.7.9-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-1266,

CVE-2015-1267,

CVE-2015-1268,

CVE-2015-1269

Ubuntu

USN-2657-1: unattended-upgrades vulnerability

Ubuntu Security Notice USN-2657-1

29th June, 2015

unattended-upgrades vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

An attacker could trick unattended-upgrades into installing altered
packages.

Software description

  • unattended-upgrades
    – automatic installation of security upgrades

Details

It was discovered that unattended-upgrades incorrectly performed
authentication checks in certain configurations. If a remote attacker were
able to perform a man-in-the-middle attack, this flaw could potentially be
used to install altered packages.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
unattended-upgrades

0.83.6ubuntu1
Ubuntu 14.10:
unattended-upgrades

0.82.8ubuntu0.3
Ubuntu 14.04 LTS:
unattended-upgrades

0.82.1ubuntu2.3
Ubuntu 12.04 LTS:
unattended-upgrades

0.76ubuntu1.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-1330

Ubuntu

USN-2655-1: Tomcat vulnerabilities

Ubuntu Security Notice USN-2655-1

25th June, 2015

tomcat6 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Tomcat.

Software description

  • tomcat6
    – Servlet and JSP engine

Details

It was discovered that Tomcat incorrectly handled data with malformed
chunked transfer coding. A remote attacker could possibly use this issue to
conduct HTTP request smuggling attacks, or cause Tomcat to consume
resources, resulting in a denial of service. (CVE-2014-0227)

It was discovered that Tomcat incorrectly handled HTTP responses occurring
before the entire request body was finished being read. A remote attacker
could possibly use this issue to cause memory consumption, resulting in a
denial of service. (CVE-2014-0230)

It was discovered that the Tomcat Expression Language (EL) implementation
incorrectly handled accessible interfaces implemented by inaccessible
classes. An attacker could possibly use this issue to bypass a
SecurityManager protection mechanism. (CVE-2014-7810)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libtomcat6-java

6.0.35-1ubuntu3.6

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-0227,

CVE-2014-0230,

CVE-2014-7810

Ubuntu

USN-2654-1: Tomcat vulnerabilities

Ubuntu Security Notice USN-2654-1

25th June, 2015

tomcat7 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Tomcat.

Software description

  • tomcat7
    – Servlet and JSP engine

Details

It was discovered that the Tomcat XML parser incorrectly handled XML
External Entities (XXE). A remote attacker could possibly use this issue to
read arbitrary files. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-0119)

It was discovered that Tomcat incorrectly handled data with malformed
chunked transfer coding. A remote attacker could possibly use this issue to
conduct HTTP request smuggling attacks, or cause Tomcat to consume
resources, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2014-0227)

It was discovered that Tomcat incorrectly handled HTTP responses occurring
before the entire request body was finished being read. A remote attacker
could possibly use this issue to cause memory consumption, resulting in a
denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-0230)

It was discovered that the Tomcat Expression Language (EL) implementation
incorrectly handled accessible interfaces implemented by inaccessible
classes. An attacker could possibly use this issue to bypass a
SecurityManager protection mechanism. (CVE-2014-7810)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:
libtomcat7-java

7.0.56-2ubuntu0.1
Ubuntu 14.10:
libtomcat7-java

7.0.55-1ubuntu0.2
Ubuntu 14.04 LTS:
libtomcat7-java

7.0.52-1ubuntu0.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-0119,

CVE-2014-0227,

CVE-2014-0230,

CVE-2014-7810

Ubuntu

USN-2653-1: Python vulnerabilities

Ubuntu Security Notice USN-2653-1

25th June, 2015

python2.7, python3.2, python3.4 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Python.

Software description

  • python2.7
    – An interactive high-level object-oriented language

  • python3.2
    – An interactive high-level object-oriented language

  • python3.4
    – An interactive high-level object-oriented language

Details

It was discovered that multiple Python protocol libraries incorrectly
limited certain data when connecting to servers. A malicious ftp, http,
imap, nntp, pop or smtp server could use this issue to cause a denial of
service. (CVE-2013-1752)

It was discovered that the Python xmlrpc library did not limit unpacking
gzip-compressed HTTP bodies. A malicious server could use this issue to
cause a denial of service. (CVE-2013-1753)

It was discovered that the Python json module incorrectly handled a certain
argument. An attacker could possibly use this issue to read arbitrary
memory and expose sensitive information. This issue only affected Ubuntu
12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4616)

It was discovered that the Python CGIHTTPServer incorrectly handled
URL-encoded path separators in URLs. A remote attacker could use this issue
to expose sensitive information, or possibly execute arbitrary code. This
issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-4650)

It was discovered that Python incorrectly handled sizes and offsets in
buffer functions. An attacker could possibly use this issue to read
arbitrary memory and obtain sensitive information. This issue only affected
Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-7185)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
python2.7

2.7.8-10ubuntu1.1
python2.7-minimal

2.7.8-10ubuntu1.1
python3.4-minimal

3.4.2-1ubuntu0.1
python3.4

3.4.2-1ubuntu0.1
Ubuntu 14.04 LTS:
python2.7

2.7.6-8ubuntu0.2
python2.7-minimal

2.7.6-8ubuntu0.2
python3.4-minimal

3.4.0-2ubuntu1.1
python3.4

3.4.0-2ubuntu1.1
Ubuntu 12.04 LTS:
python2.7

2.7.3-0ubuntu3.8
python2.7-minimal

2.7.3-0ubuntu3.8
python3.2

3.2.3-0ubuntu3.7
python3.2-minimal

3.2.3-0ubuntu3.7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-1752,

CVE-2013-1753,

CVE-2014-4616,

CVE-2014-4650,

CVE-2014-7185

Ubuntu

USN-2651-1: GNU patch vulnerabilities

Ubuntu Security Notice USN-2651-1

22nd June, 2015

patch vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in GNU patch.

Software description

  • patch
    – Apply a diff file to an original

Details

Jakub Wilk discovered that GNU patch did not correctly handle file paths in
patch files. An attacker could specially craft a patch file that could
overwrite arbitrary files with the privileges of the user invoking the program.
This issue only affected Ubuntu 12.04 LTS. (CVE-2010-4651)

László Böszörményi discovered that GNU patch did not correctly handle some
patch files. An attacker could specially craft a patch file that could cause a
denial of service. (CVE-2014-9637)

Jakub Wilk discovered that GNU patch did not correctly handle symbolic links in
git style patch files. An attacker could specially craft a patch file that
could overwrite arbitrary files with the privileges of the user invoking the
program. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10.
(CVE-2015-1196)

Jakub Wilk discovered that GNU patch did not correctly handle file renames in
git style patch files. An attacker could specially craft a patch file that
could overwrite arbitrary files with the privileges of the user invoking the
program. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10.
(CVE-2015-1395)

Jakub Wilk discovered the fix for CVE-2015-1196 was incomplete for GNU patch.
An attacker could specially craft a patch file that could overwrite arbitrary
files with the privileges of the user invoking the program. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-1396)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
patch

2.7.1-5ubuntu0.3
Ubuntu 14.04 LTS:
patch

2.7.1-4ubuntu2.3
Ubuntu 12.04 LTS:
patch

2.6.1-3ubuntu0.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2010-4651,

CVE-2014-9637,

CVE-2015-1196,

CVE-2015-1395,

CVE-2015-1396

Ubuntu

USN-2640-2: Linux kernel regression

Ubuntu Security Notice USN-2640-2

21st June, 2015

linux regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to crash under certain conditions.

Software description

  • linux
    – Linux kernel

Details

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel’s
overlayfs file system. The removal of a directory that only exists on the
lower layer results in a kernel panic.

We apologize for the inconvenience.

Original advisory details:

Philip Pettersson discovered a privilege escalation when using overlayfs
mounts inside of user namespaces. A local user could exploit this flaw to
gain administrative privileges on the system.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
linux-image-3.2.0-86-generic-pae

3.2.0-86.124
linux-image-3.2.0-86-powerpc64-smp

3.2.0-86.124
linux-image-3.2.0-86-generic

3.2.0-86.124
linux-image-3.2.0-86-virtual

3.2.0-86.124
linux-image-3.2.0-86-omap

3.2.0-86.124
linux-image-3.2.0-86-powerpc-smp

3.2.0-86.124
linux-image-3.2.0-86-highbank

3.2.0-86.124

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

http://bugs.launchpad.net/bugs/1465998