Sign up to save your podcasts
Or
Share Episode 59
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 59
Overview
After a weeks break we are back to look at updates for ClamAV, GnuTLS,
nginx, Samba and more, plus we briefly discuss the current 20.04 Mid-Cycle
Roadmap Review sprint for the Ubuntu Security Team
This week in Ubuntu Security Updates
73 unique CVEs addressed
[USN-4230-1] ClamAV vulnerability [01:16]
in particular
[USN-4232-1] GraphicsMagick vulnerabilities [01:52]
[USN-4231-1] NSS vulnerability [03:04]
inputs to various functions - so applications using libnss for crypto
could be vulnerable to buffer overflow
[USN-4233-1] GnuTLS update [03:54]
SHA1 has been broken in theory for a while and 2017 Google showed the
first SHA1 collision - recently the first chosen-prefix attack was
demonstrated against SHA1 as well - demonstrated by creating a GPG key
which can impersonate another
can relatively easily be forged now (but not for an arbitrary input)
will not trust SHA1 based digital signatures
[USN-4234-1] Firefox vulnerabilities [06:10]
security policy restrictions, conduct XSS attacks or execute arbitrary
code
[USN-4047-2] libvirt update vulnerability [06:48]
could cause effects were accessible to read-only users
[USN-4235-1, USN-4235-2] nginx vulnerability [07:18]
unauthorized web pages where nginx is being fronted by a load balanced
when used with certain error_page configurations
[USN-4236-1, USN-4236-2] Libgcrypt vulnerability [08:03]
the bit-length of the random nonce scalar during scalar multiplication
on an elliptic curve - full private key is able to be recovered using
lattice techniques
[USN-4237-1, USN-4237-2] SpamAssassin vulnerabilities [09:04]
files
[USN-4238-1] SDL_image vulnerabilities [09:55]
games etc - provides common access to audio, input devices, graphics etc)
DoS or possible RCE
[USN-4239-1] PHP vulnerabilities [10:32]
bcmath extension, and 1 issue with handling filenames with embedded NUL
bytes
[USN-4221-2] libpcap vulnerability [11:28]
[USN-4240-1] Kamailio vulnerability [11:42]
message
[USN-4241-1] Thunderbird vulnerabilities [11:59]
also affected Firefox above
[USN-4225-2] Linux kernel (HWE) vulnerabilities [12:21]
bionic (18.04 LTS)
[USN-4242-1] Sysstat vulnerabilities [13:07]
utility - likely the original reported is fuzzing this
heap-protector so this is just a crash -> DoS
[USN-4243-1] libbsd vulnerabilities [14:12]
(strlcpy() etc)
heap buffer overflow -> crash / RCE (doesn’t appear to be used by any
software in Ubuntu)
[USN-4244-1] Samba vulnerabilities [15:15]
subtree (unable to be easily backported to Xenial so only fixed on
Bionic, Disco and Eoan - instead can workaround by manually replication
ACLs from one DC to another for a given naming context)
[USN-4245-1] PySAML2 vulnerability [16:32]
document by using the wrong data - so could assert a document has been
fully signed when only a part of it has
Goings on in Ubuntu Security Community
Mid cycle product roadmap sprint [17:18]
ie. ESM offerings, AppArmor features, snapd security features, Ubuntu
Core security features, MIR security reviews progress etc
Get in contact
View all episodes
By Ubuntu Security Team
4.8
1010 ratings
Overview
After a weeks break we are back to look at updates for ClamAV, GnuTLS,
nginx, Samba and more, plus we briefly discuss the current 20.04 Mid-Cycle
Roadmap Review sprint for the Ubuntu Security Team
This week in Ubuntu Security Updates
73 unique CVEs addressed
[USN-4230-1] ClamAV vulnerability [01:16]
in particular
[USN-4232-1] GraphicsMagick vulnerabilities [01:52]
[USN-4231-1] NSS vulnerability [03:04]
inputs to various functions - so applications using libnss for crypto
could be vulnerable to buffer overflow
[USN-4233-1] GnuTLS update [03:54]
SHA1 has been broken in theory for a while and 2017 Google showed the
first SHA1 collision - recently the first chosen-prefix attack was
demonstrated against SHA1 as well - demonstrated by creating a GPG key
which can impersonate another
can relatively easily be forged now (but not for an arbitrary input)
will not trust SHA1 based digital signatures
[USN-4234-1] Firefox vulnerabilities [06:10]
security policy restrictions, conduct XSS attacks or execute arbitrary
code
[USN-4047-2] libvirt update vulnerability [06:48]
could cause effects were accessible to read-only users
[USN-4235-1, USN-4235-2] nginx vulnerability [07:18]
unauthorized web pages where nginx is being fronted by a load balanced
when used with certain error_page configurations
[USN-4236-1, USN-4236-2] Libgcrypt vulnerability [08:03]
the bit-length of the random nonce scalar during scalar multiplication
on an elliptic curve - full private key is able to be recovered using
lattice techniques
[USN-4237-1, USN-4237-2] SpamAssassin vulnerabilities [09:04]
files
[USN-4238-1] SDL_image vulnerabilities [09:55]
games etc - provides common access to audio, input devices, graphics etc)
DoS or possible RCE
[USN-4239-1] PHP vulnerabilities [10:32]
bcmath extension, and 1 issue with handling filenames with embedded NUL
bytes
[USN-4221-2] libpcap vulnerability [11:28]
[USN-4240-1] Kamailio vulnerability [11:42]
message
[USN-4241-1] Thunderbird vulnerabilities [11:59]
also affected Firefox above
[USN-4225-2] Linux kernel (HWE) vulnerabilities [12:21]
bionic (18.04 LTS)
[USN-4242-1] Sysstat vulnerabilities [13:07]
utility - likely the original reported is fuzzing this
heap-protector so this is just a crash -> DoS
[USN-4243-1] libbsd vulnerabilities [14:12]
(strlcpy() etc)
heap buffer overflow -> crash / RCE (doesn’t appear to be used by any
software in Ubuntu)
[USN-4244-1] Samba vulnerabilities [15:15]
subtree (unable to be easily backported to Xenial so only fixed on
Bionic, Disco and Eoan - instead can workaround by manually replication
ACLs from one DC to another for a given naming context)
[USN-4245-1] PySAML2 vulnerability [16:32]
document by using the wrong data - so could assert a document has been
fully signed when only a part of it has
Goings on in Ubuntu Security Community
Mid cycle product roadmap sprint [17:18]
ie. ESM offerings, AppArmor features, snapd security features, Ubuntu
Core security features, MIR security reviews progress etc
Get in contact