Overview

Python, curl, Linux kernel, Exim and more, plus Alex and Joe discuss the

recent Ubuntu Engineering Sprint in Paris and building a HoneyBot for Admin

Magazine.

This week in Ubuntu Security Updates

[USN-4125-1] Memcached vulnerability [00:42]

of UNIX socket using strncpy() which could possibly read past the end of

the src buffer) - possible crash -> DoS - fixed to explicitly limit

length to smallest of src/dst buffers rather than just size of dest

buffer

[USN-4126-1] FreeType vulnerability [01:49]

[USN-4127-1, USN-4127-2] Python vulnerabilities [02:13]

for wrong host

for another domain

distpoint / URI

gigabytes of data via the pickle format - could cause memory exhaustion

[USN-4128-1, USN-4128-2] Tomcat vulnerabilities [03:35]

frames and would permit clients to keep streams open without reading /

writing anything - could lead to DoS by causing server-side threads to

block

provided data without escaping - intended only for debugging so shouldn’t

be used in a production website anyway

[USN-4120-2] systemd regression [04:45]

prepared using a pending SRU update - but this contained a regression in

networking - re-released the security fix but without this SRU update

included.

[USN-4115-2] Linux kernel regression [05:18]

fragmented packets

[USN-4129-1, USN-4129-2] curl vulnerabilities [05:42]

[USN-4130-1] WebKitGTK+ vulnerabilities [06:15]

[USN-4131-1] VLC vulnerabilities [06:38]

[USN-4133-1] Wireshark vulnerabilities [06:48]

[USN-4132-1, USN-4132-2] Expat vulnerability [06:55]

(whilst still in DTD) - could then result in a heap-based buffer

over-read when looking up current line / column number - possible crash

-> DoS

[USN-4134-1] IBus vulnerability [07:30]

another local user to connect to logged in local user’s IBus daemon and

snoop on keystrokes etc

easily discoverable

[USN-4134-2] IBus regression [08:00]

reverted

[USN-4124-2] Exim vulnerability [08:25]

[USN-4113-2] Apache HTTP Server regression [08:38]

balance manager connections - fixed by incorporating missing upstream

patches

[USN-4135-1, USN-4135-2] Linux kernel vulnerabilities [09:01]

to be privileged)

vector registers of other users’ processes either during an interrupt or

via a facility unavailable exception

[LSN-0056-1] Linux kernel vulnerability [09:51]

[USN-4136-1, USN-4136-2] wpa_supplicant and hostapd vulnerability [10:06]

specially crafted management frame (since would not properly validate the

source address of the frame)

[USN-4137-1] Mosquitto vulnerability [10:44]

~65k ‘/’ characters

[USN-4138-1] LibreOffice vulnerability [10:56]

of code on local file-system in macros etc via URL encoding

[USN-4139-1] File Roller vulnerability [11:18]

[USN-4140-1] Firefox vulnerability [11:33]

without any notification to user - could allow a malicious website to

hijack mouse cursor and confuse user

[USN-4141-1] Exim vulnerability [11:54]

was announced on Saturday 28th - thanks Marc for the quick update :)

Goings on in Ubuntu Security Community

Joe and Alex talk about the Paris Engineering Sprint and Joe’s recent article in Admin Magazine [12:42]

New security category on discourse.ubuntu.com [25:52]

in a more user-friendly and centralised location

and #ubuntu-hardened IRC channel

Get in contact