Category Archives: Ubuntu

Ubuntu Security Notices

USN-3142-2: ImageMagick regression

Ubuntu Security Notice USN-3142-2

22nd February, 2017

imagemagick regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

USN-3142-1 introduced a regression in ImageMagick.

Software description

  • imagemagick
    – Image manipulation programs and library

Details

USN-3142-1 fixed vulnerabilities in ImageMagick. The security fixes
introduced a regression with text labels and a regression with the text
coder. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or possibly execute code with the privileges of
the user invoking the program.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
libmagick++-6.q16-5v5

8:6.8.9.9-7ubuntu8.3
imagemagick

8:6.8.9.9-7ubuntu8.3
libmagickcore-6.q16-2-extra

8:6.8.9.9-7ubuntu8.3
imagemagick-6.q16

8:6.8.9.9-7ubuntu8.3
libmagickcore-6.q16-2

8:6.8.9.9-7ubuntu8.3
Ubuntu 16.04 LTS:
libmagick++-6.q16-5v5

8:6.8.9.9-7ubuntu5.4
imagemagick

8:6.8.9.9-7ubuntu5.4
libmagickcore-6.q16-2-extra

8:6.8.9.9-7ubuntu5.4
imagemagick-6.q16

8:6.8.9.9-7ubuntu5.4
libmagickcore-6.q16-2

8:6.8.9.9-7ubuntu5.4
Ubuntu 14.04 LTS:
libmagick++5

8:6.7.7.10-6ubuntu3.4
libmagickcore5-extra

8:6.7.7.10-6ubuntu3.4
libmagickcore5

8:6.7.7.10-6ubuntu3.4
imagemagick

8:6.7.7.10-6ubuntu3.4
Ubuntu 12.04 LTS:
libmagick++4

8:6.6.9.7-5ubuntu3.7
libmagickcore4

8:6.6.9.7-5ubuntu3.7
imagemagick

8:6.6.9.7-5ubuntu3.7
libmagickcore4-extra

8:6.6.9.7-5ubuntu3.7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1589580,

LP: 1646485

USN-3209-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-3209-1

22nd February, 2017

linux, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

Details

It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)

Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2017-6074)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
linux-image-powerpc-smp 4.8.0.39.50
linux-image-4.8.0-39-generic

4.8.0-39.42
linux-image-4.8.0-39-generic-lpae

4.8.0-39.42
linux-image-generic 4.8.0.39.50
linux-image-powerpc-e500mc 4.8.0.39.50
linux-image-lowlatency 4.8.0.39.50
linux-image-4.8.0-39-lowlatency

4.8.0-39.42
linux-image-4.8.0-39-powerpc-smp

4.8.0-39.42
linux-image-generic-lpae 4.8.0.39.50
linux-image-4.8.0-1026-raspi2

4.8.0-1026.29
linux-image-4.8.0-39-powerpc64-emb

4.8.0-39.42
linux-image-powerpc64-emb 4.8.0.39.50
linux-image-raspi2 4.8.0.1026.29
linux-image-4.8.0-39-powerpc-e500mc

4.8.0-39.42

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-10088,

CVE-2016-9588,

CVE-2017-6074

USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities

Ubuntu Security Notice USN-3208-2

22nd February, 2017

linux-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-xenial
    – Linux hardware enablement kernel from Xenial for Trusty

Details

USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that the generic SCSI block layer in the Linux kernel did
not properly restrict write operations in certain situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2016-10088)

CAI Qian discovered that the sysctl implementation in the Linux kernel did
not properly perform reference counting in some situations. An unprivileged
attacker could use this to cause a denial of service (system hang).
(CVE-2016-9191)

Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)

Andy Lutomirski and Willy Tarreau discovered that the KVM implementation in
the Linux kernel did not properly emulate instructions on the SS segment
register. A local attacker in a guest virtual machine could use this to
cause a denial of service (guest OS crash) or possibly gain administrative
privileges in the guest OS. (CVE-2017-2583)

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
improperly emulated certain instructions. A local attacker could use this
to obtain sensitive information (kernel memory). (CVE-2017-2584)

It was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in
the Linux kernel did not properly initialize memory related to logging. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2017-5549)

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly gain administrative
privileges. (CVE-2017-6074)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-4.4.0-64-powerpc64-emb

4.4.0-64.85~14.04.1
linux-image-4.4.0-64-powerpc64-smp

4.4.0-64.85~14.04.1
linux-image-4.4.0-64-generic

4.4.0-64.85~14.04.1
linux-image-lowlatency-lts-xenial

4.4.0.64.50
linux-image-4.4.0-64-powerpc-e500mc

4.4.0-64.85~14.04.1
linux-image-powerpc64-smp-lts-xenial

4.4.0.64.50
linux-image-generic-lpae-lts-xenial

4.4.0.64.50
linux-image-generic-lts-xenial

4.4.0.64.50
linux-image-4.4.0-64-lowlatency

4.4.0-64.85~14.04.1
linux-image-powerpc-smp-lts-xenial

4.4.0.64.50
linux-image-4.4.0-64-powerpc-smp

4.4.0-64.85~14.04.1
linux-image-powerpc64-emb-lts-xenial

4.4.0.64.50
linux-image-4.4.0-64-generic-lpae

4.4.0-64.85~14.04.1
linux-image-powerpc-e500mc-lts-xenial

4.4.0.64.50

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-10088,

CVE-2016-9191,

CVE-2016-9588,

CVE-2017-2583,

CVE-2017-2584,

CVE-2017-5549,

CVE-2017-6074

USN-3205-1: tcpdump vulnerabilities

Ubuntu Security Notice USN-3205-1

21st February, 2017

tcpdump vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

tcpdump could be made to crash or run programs if it received specially
crafted network traffic.

Software description

  • tcpdump
    – command-line network traffic analyzer

Details

It was discovered that tcpdump incorrectly handled certain packets. A
remote attacker could use this issue to cause tcpdump to crash, resulting
in a denial of service, or possibly execute arbitrary code.

In the default installation, attackers would be isolated by the tcpdump
AppArmor profile.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
tcpdump

4.9.0-1ubuntu1~ubuntu16.10.1
Ubuntu 16.04 LTS:
tcpdump

4.9.0-1ubuntu1~ubuntu16.04.1
Ubuntu 14.04 LTS:
tcpdump

4.9.0-1ubuntu1~ubuntu14.04.1
Ubuntu 12.04 LTS:
tcpdump

4.9.0-1ubuntu1~ubuntu12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References

CVE-2016-7922,

CVE-2016-7923,

CVE-2016-7924,

CVE-2016-7925,

CVE-2016-7926,

CVE-2016-7927,

CVE-2016-7928,

CVE-2016-7929,

CVE-2016-7930,

CVE-2016-7931,

CVE-2016-7932,

CVE-2016-7933,

CVE-2016-7934,

CVE-2016-7935,

CVE-2016-7936,

CVE-2016-7937,

CVE-2016-7938,

CVE-2016-7939,

CVE-2016-7940,

CVE-2016-7973,

CVE-2016-7974,

CVE-2016-7975,

CVE-2016-7983,

CVE-2016-7984,

CVE-2016-7985,

CVE-2016-7986,

CVE-2016-7992,

CVE-2016-7993,

CVE-2016-8574,

CVE-2016-8575,

CVE-2017-5202,

CVE-2017-5203,

CVE-2017-5204,

CVE-2017-5205,

CVE-2017-5341,

CVE-2017-5342,

CVE-2017-5482,

CVE-2017-5483,

CVE-2017-5484,

CVE-2017-5485,

CVE-2017-5486

USN-3203-1: gtk-vnc vulnerabilities

Ubuntu Security Notice USN-3203-1

20th February, 2017

gtk-vnc vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

gtk-vnc could be made to crash or run programs if it received specially
crafted network traffic.

Software description

  • gtk-vnc
    – VNC viewer widget

Details

It was discovered that gtk-vnc incorrectly validated certain data. A
malicious server could use this issue to cause gtk-vnc to crash, resulting
in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
libgtk-vnc-1.0-0

0.5.3-0ubuntu2.1
libgvnc-1.0-0

0.5.3-0ubuntu2.1
libgtk-vnc-2.0-0

0.5.3-0ubuntu2.1
Ubuntu 12.04 LTS:
libgtk-vnc-1.0-0

0.5.0-1ubuntu1.1
libgvnc-1.0-0

0.5.0-1ubuntu1.1
libgtk-vnc-2.0-0

0.5.0-1ubuntu1.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-5884,

CVE-2017-5885

USN-3202-1: Spice vulnerabilities

Ubuntu Security Notice USN-3202-1

20th February, 2017

spice vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Spice could be made to crash or run programs if it received specially
crafted network traffic.

Software description

  • spice
    – SPICE protocol client and server library

Details

Frediano Ziglio discovered that Spice incorrectly handled certain client
messages. A remote attacker could use this issue to cause Spice to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
libspice-server1

0.12.8-1ubuntu0.1
Ubuntu 16.04 LTS:
libspice-server1

0.12.6-4ubuntu0.2
Ubuntu 14.04 LTS:
libspice-server1

0.12.4-0nocelt2ubuntu1.4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart qemu guests to make
all the necessary changes.

References

CVE-2016-9577,

CVE-2016-9578

USN-3204-1: Tomcat vulnerability

Ubuntu Security Notice USN-3204-1

20th February, 2017

tomcat6, tomcat7 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Tomcat could be made to consume resources if it received specially crafted
network traffic.

Software description

  • tomcat6
    – Servlet and JSP engine

  • tomcat7
    – Servlet and JSP engine

Details

It was discovered that Tomcat incorrectly handled certain HTTP requests. A
remote attacker could possibly use this issue to cause Tomcat to consume
resources, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
tomcat7

7.0.52-1ubuntu0.10
libtomcat7-java

7.0.52-1ubuntu0.10
Ubuntu 12.04 LTS:
libtomcat6-java

6.0.35-1ubuntu3.11
tomcat6

6.0.35-1ubuntu3.11

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-6056

USN-3199-2: Python Crypto regression

Ubuntu Security Notice USN-3199-2

17th February, 2017

Python Crypto regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

USN-3199-1 introduced a regression in the Python Cryptography Toolkit which
caused programs which relied on the original behavior to fail.

Software description

  • python-crypto
    – cryptographic algorithms and protocols for Python

Details

USN-3199-1 fixed a vulnerability in the Python Cryptography Toolkit.
Unfortunately, various programs depended on the original behavior of the Python
Cryptography Toolkit which was altered when fixing the vulnerability. This
update retains the fix for the vulnerability but issues a warning rather than
throwing an exception. Code which produces this warning should be updated
because future versions of the Python Cryptography Toolkit re-introduce the
exception.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the ALGnew function in block_template.c in the Python
Cryptography Toolkit contained a heap-based buffer overflow vulnerability.
A remote attacker could use this flaw to execute arbitrary code by using
a crafted initialization vector parameter.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
python3-crypto

2.6.1-6ubuntu0.16.10.3
python-crypto

2.6.1-6ubuntu0.16.10.3
Ubuntu 16.04 LTS:
python3-crypto

2.6.1-6ubuntu0.16.04.2
python-crypto

2.6.1-6ubuntu0.16.04.2
Ubuntu 14.04 LTS:
python3-crypto

2.6.1-4ubuntu0.2
python-crypto

2.6.1-4ubuntu0.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-7459

USN-3200-1: WebKitGTK+ vulnerabilities

Ubuntu Security Notice USN-3200-1

16th February, 2017

webkit2gtk vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.10
  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in WebKitGTK+.

Software description

  • webkit2gtk
    – Web content engine library for GTK+

Details

A large number of security issues were discovered in the WebKitGTK+ Web and
JavaScript engines. If a user were tricked into viewing a malicious
website, a remote attacker could exploit a variety of issues related to web
browser security, including cross-site scripting attacks, denial of service
attacks, and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.10:
libwebkit2gtk-4.0-37

2.14.5-0ubuntu0.16.10.1
libjavascriptcoregtk-4.0-18

2.14.5-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libwebkit2gtk-4.0-37

2.14.5-0ubuntu0.16.04.1
libjavascriptcoregtk-4.0-18

2.14.5-0ubuntu0.16.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any applications
that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

References

CVE-2017-2350,

CVE-2017-2354,

CVE-2017-2355,

CVE-2017-2356,

CVE-2017-2362,

CVE-2017-2363,

CVE-2017-2364,

CVE-2017-2365,

CVE-2017-2366,

CVE-2017-2369,

CVE-2017-2371,

CVE-2017-2373

USN-3198-1: OpenJDK 6 vulnerabilities

Ubuntu Security Notice USN-3198-1

15th February, 2017

openjdk-6 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in OpenJDK 6.

Software description

  • openjdk-6
    – Open Source Java implementation

Details

Karthik Bhargavan and Gaetan Leurent discovered that the DES and
Triple DES ciphers were vulnerable to birthday attacks. A remote
attacker could possibly use this flaw to obtain clear text data from
long encrypted sessions. This update moves those algorithms to the
legacy algorithm set and causes them to be used only if no non-legacy
algorithms can be negotiated. (CVE-2016-2183)

It was discovered that OpenJDK accepted ECSDA signatures using
non-canonical DER encoding. An attacker could use this to modify or
expose sensitive data. (CVE-2016-5546)

It was discovered that covert timing channel vulnerabilities existed
in the DSA implementations in OpenJDK. A remote attacker could use
this to expose sensitive information. (CVE-2016-5548)

It was discovered that the URLStreamHandler class in OpenJDK did not
properly parse user information from a URL. A remote attacker could
use this to expose sensitive information. (CVE-2016-5552)

It was discovered that the URLClassLoader class in OpenJDK did not
properly check access control context when downloading class files. A
remote attacker could use this to expose sensitive information.
(CVE-2017-3231)

It was discovered that the Remote Method Invocation (RMI)
implementation in OpenJDK performed deserialization of untrusted
inputs. A remote attacker could use this to execute arbitrary
code. (CVE-2017-3241)

It was discovered that the Java Authentication and Authorization
Service (JAAS) component of OpenJDK did not properly perform user
search LDAP queries. An attacker could use a specially constructed
LDAP entry to expose or modify sensitive information. (CVE-2017-3252)

It was discovered that the PNGImageReader class in OpenJDK did not
properly handle iTXt and zTXt chunks. An attacker could use this to
cause a denial of service (memory consumption). (CVE-2017-3253)

It was discovered that integer overflows existed in the
SocketInputStream and SocketOutputStream classes of OpenJDK. An
attacker could use this to expose sensitive information.
(CVE-2017-3261)

It was discovered that the atomic field updaters in the
java.util.concurrent.atomic package in OpenJDK did not properly
restrict access to protected field members. An attacker could use
this to specially craft a Java application or applet that could bypass
Java sandbox restrictions. (CVE-2017-3272)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
icedtea-6-jre-cacao

6b41-1.13.13-0ubuntu0.12.04.1
icedtea-6-jre-jamvm

6b41-1.13.13-0ubuntu0.12.04.1
openjdk-6-jdk

6b41-1.13.13-0ubuntu0.12.04.1
openjdk-6-jre

6b41-1.13.13-0ubuntu0.12.04.1
openjdk-6-jre-headless

6b41-1.13.13-0ubuntu0.12.04.1
openjdk-6-jre-zero

6b41-1.13.13-0ubuntu0.12.04.1
openjdk-6-jre-lib

6b41-1.13.13-0ubuntu0.12.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional
bug fixes. After a standard system update you need to restart any
Java applications or applets to make all the necessary changes.

References

CVE-2016-2183,

CVE-2016-5546,

CVE-2016-5548,

CVE-2016-5552,

CVE-2017-3231,

CVE-2017-3241,

CVE-2017-3252,

CVE-2017-3253,

CVE-2017-3261,

CVE-2017-3272