October 02, 2020

Episode 92

11 minutes

Overview

It’s CVE bankruptcy! With a deluge of CVEs to cover from the last 2 weeks,

we take a particular look at the ZeroLogon vulnerability in Samba this

week, plus Alex covers the AppArmor 3 release and some recent / upcoming

webinars hosted by the Ubuntu Security team.

This week in Ubuntu Security Updates

121 unique CVEs addressed

[USN-4510-1, USN-4510-2] Samba vulnerability

1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-1472

“ZeroLogon”

Would allow an attacker who already can communicate with the domain

controller to reset it’s password and so then take control of the DC and

obtain the domain admin’s credentials

Flaw in the NetLogon protocol would allow the attacker to impersonate any

computer in the domain, even the DC itself, and execute calls on that

computer’s behalf

This flaw was in the cryptographic authentication scheme employed by

the NetLogon protocol

Samba also implements this protocol - and so contained the same flaw

In both cases (Window AD vs Samba) there is an option to use a more

secure authentication mechanism - for older Ubuntu releases like Trusty,

Xenial and Bionic the default configuration as specified by upstream

Samba did not enforce the use of this bu default

So the fix is a simple configuration change to enable this by default

This is done by patching Samba directly (rather than trying to say update

everyone’s deployed /etc/samba.conf or similar) - which still allows a

local admin to turn this off if they so desire (although this is

definitely not recommended)

One example of how Ubuntu tries to be secure by default - when known

better security configuration options become available we try and enable

them (whilst weighing up the likelihood of breaking existing installs -

we try very hard not to do this)

Similarly we have done the same for the various spec exec mitigations -

almost all default to on even at the expense of a performance hit in that

case

[USN-4504-1] OpenSSL vulnerabilities

4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2019-1563

CVE-2019-1551

CVE-2019-1547

CVE-2020-1968

[USN-4505-1] PHPMailer vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2020-13625

[USN-4506-1] MCabber vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2016-9928

[USN-4507-1] ncmpc vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-9240

[USN-4508-1] StoreBackup vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-7040

[USN-4509-1] Perl DBI module vulnerabilities

2 CVEs addressed in Trusty ESM (14.04 ESM)

CVE-2014-10401

CVE-2013-7490

[USN-4511-1] QEMU vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-14364

[USN-4512-1] util-linux vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2018-7738

[USN-4513-1] apng2gif vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-6960

[USN-4514-1] libproxy vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-25219

[USN-4515-1] Pure-FTPd vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-9274

[USN-4516-1] GnuPG vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-14855

USN-4518-1] xawtv vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-13696

[USN-4519-1] PulseAudio vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-15710

[USN-4520-1] Exim SpamAssassin vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-19920

[USN-4521-1] pam_tacplus vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-13881

[USN-4522-1] noVNC vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-18635

[USN-4523-1] LibOFX vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-9656

[USN-4524-1] TNEF vulnerabilities

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-18849

[USN-4525-1] Linux kernel vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-25212

CVE-2020-16166

CVE-2020-12888

CVE-2019-19054

CVE-2019-18808

[USN-4526-1] Linux kernel vulnerabilities

10 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-16166

CVE-2020-14356

CVE-2020-12888

CVE-2019-9445

CVE-2019-19074

CVE-2019-19073

CVE-2019-19067

CVE-2019-19061

CVE-2019-19054

CVE-2019-18808

[USN-4527-1] Linux kernel vulnerabilities

8 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS)

CVE-2020-25212

CVE-2020-0067

CVE-2019-9453

CVE-2019-9445

CVE-2019-20811

CVE-2019-19074

CVE-2019-19073

CVE-2019-19054

[USN-4528-1] Ceph vulnerabilities

3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-1760

CVE-2020-12059

CVE-2020-10753

[USN-4529-1] FreeImage vulnerabilities

2 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-12213

CVE-2019-12211

[USN-4531-1] BusyBox vulnerability

1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2018-1000500

[USN-4530-1] Debian-LAN vulnerabilities

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-3467

[USN-4532-1] Netty vulnerabilities

3 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-20445

CVE-2019-20444

CVE-2019-16869

[USN-4533-1] LTSP Display Manager vulnerabilities

1 CVEs addressed in Focal (20.04 LTS)

CVE-2019-20373

[USN-4534-1] Perl DBI module vulnerability

1 CVEs addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2019-20919

[USN-4535-1] RDFLib vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-7653

[USN-4537-1] Aptdaemon vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-15703

[USN-4538-1] PackageKit vulnerabilities

2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-16122

CVE-2020-16121

[USN-4536-1] SPIP vulnerabilities

7 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-16393

CVE-2019-19830

CVE-2017-15736

CVE-2019-16391

CVE-2019-11071

CVE-2019-16394

CVE-2019-16392

[USN-4539-1] AWL vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-11728

[USN-4540-1] atftpd vulnerabilities

2 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-11366

CVE-2019-11365

[USN-4542-1] MiniUPnPd vulnerabilities

5 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-12111

CVE-2019-12110

CVE-2019-12109

CVE-2019-12108

CVE-2019-12107

[USN-4543-1] Sanitize vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-4054

[USN-4541-1] Gnuplot vulnerabilities

3 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-19492

CVE-2018-19491

CVE-2018-19490

[USN-4545-1] libquicktime vulnerabilities

7 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-9125

CVE-2017-9128

CVE-2017-9127

CVE-2017-9126

CVE-2017-9124

CVE-2017-9123

CVE-2017-9122

[USN-4546-1] Firefox vulnerabilities

6 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-15678

CVE-2020-15677

CVE-2020-15676

CVE-2020-15675

CVE-2020-15674

CVE-2020-15673

[USN-3968-3] Sudo vulnerabilities

2 CVEs addressed in Trusty ESM (14.04 ESM)

CVE-2016-7032

CVE-2016-7076

[USN-4549-1] ImageMagick vulnerabilities

2 CVEs addressed in Focal (20.04 LTS)

CVE-2019-19949

CVE-2019-19948

[USN-4548-1] libuv vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-8252

[USN-4547-1] iTALC vulnerabilities

12 CVEs addressed in Bionic (18.04 LTS)

CVE-2018-7225

CVE-2018-20750

CVE-2018-20749

CVE-2018-20748

CVE-2018-20024

CVE-2018-20023

CVE-2018-20022

CVE-2018-20021

CVE-2018-20020

CVE-2018-20019

CVE-2018-15127

CVE-2019-15681

[USN-4553-1] Teeworlds vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-12066

[USN-4552-1] Pam-python vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-16729

[USN-4550-1] DPDK vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-14378

CVE-2020-14377

CVE-2020-14376

CVE-2020-14375

CVE-2020-14374

[USN-4551-1] Squid vulnerabilities

4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-24606

CVE-2020-15811

CVE-2020-15810

CVE-2020-15049

[USN-4554-1] libPGF vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2015-6673

[USN-4547-2] SSVNC vulnerabilities

5 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-20024

CVE-2018-2024

CVE-2018-20022

CVE-2018-20021

CVE-2018-20020

[USN-4556-1] netqmail vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-3812

CVE-2020-3811

CVE-2005-1515

CVE-2005-1514

CVE-2005-1513

Goings on in Ubuntu Security Community

AppArmor 3.0 Release

https://gitlab.com/apparmor/apparmor/-/releases/v3.0.0

https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0

Ubuntu Security Related Webinars

FIPS certification and CIS compliance with Ubuntu Webinar

<2020-10-01 Thu>

More on the Ubuntu FIPS certification for cryptographic modules in Ubuntu

18.04 LTS and 16.04 LTS and the Ubuntu FIPS public cloud images

The difference between FIPS certified and FIPS compliant modules

More on compliance benchmark documentation for Ubuntu CIS compliance

How to quickly harden Ubuntu systems and easily view which rules your

systems are not compliant with using the CIS automation tooling from

Canonical [demo]

Presented by Vineetha Kamatha (Security Engineering Manager), Shaun

Murphy (Public Cloud Sr Product Manager) & Lech Sandecki (Product

Manager)

https://www.brighttalk.com/webcast/6793/432536/fips-certification-and-cis-compliance-with-ubuntu

Best Practices for Securing Open Source Webinar

<2020-10-08 Thu>

https://www.brighttalk.com/webcast/6793/440071

Presented by me :)

Get in contact

[email protected]

#ubuntu-security on the Libera.Chat IRC network

ubuntu-hardened mailing list

Security section on discourse.ubuntu.com

@ubuntu_sec on twitter

...more

View all episodes

By Ubuntu Security Team

4.8

1010 ratings

October 02, 2020

Episode 92

11 minutes

Overview

It’s CVE bankruptcy! With a deluge of CVEs to cover from the last 2 weeks,

we take a particular look at the ZeroLogon vulnerability in Samba this

week, plus Alex covers the AppArmor 3 release and some recent / upcoming

webinars hosted by the Ubuntu Security team.

This week in Ubuntu Security Updates

121 unique CVEs addressed

[USN-4510-1, USN-4510-2] Samba vulnerability

1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-1472

“ZeroLogon”

Would allow an attacker who already can communicate with the domain

controller to reset it’s password and so then take control of the DC and

obtain the domain admin’s credentials

Flaw in the NetLogon protocol would allow the attacker to impersonate any

computer in the domain, even the DC itself, and execute calls on that

computer’s behalf

This flaw was in the cryptographic authentication scheme employed by

the NetLogon protocol

Samba also implements this protocol - and so contained the same flaw

In both cases (Window AD vs Samba) there is an option to use a more

secure authentication mechanism - for older Ubuntu releases like Trusty,

Xenial and Bionic the default configuration as specified by upstream

Samba did not enforce the use of this bu default

So the fix is a simple configuration change to enable this by default

This is done by patching Samba directly (rather than trying to say update

everyone’s deployed /etc/samba.conf or similar) - which still allows a

local admin to turn this off if they so desire (although this is

definitely not recommended)

One example of how Ubuntu tries to be secure by default - when known

better security configuration options become available we try and enable

them (whilst weighing up the likelihood of breaking existing installs -

we try very hard not to do this)

Similarly we have done the same for the various spec exec mitigations -

almost all default to on even at the expense of a performance hit in that

case

[USN-4504-1] OpenSSL vulnerabilities

4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2019-1563

CVE-2019-1551

CVE-2019-1547

CVE-2020-1968

[USN-4505-1] PHPMailer vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2020-13625

[USN-4506-1] MCabber vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2016-9928

[USN-4507-1] ncmpc vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-9240

[USN-4508-1] StoreBackup vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-7040

[USN-4509-1] Perl DBI module vulnerabilities

2 CVEs addressed in Trusty ESM (14.04 ESM)

CVE-2014-10401

CVE-2013-7490

[USN-4511-1] QEMU vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-14364

[USN-4512-1] util-linux vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2018-7738

[USN-4513-1] apng2gif vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-6960

[USN-4514-1] libproxy vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-25219

[USN-4515-1] Pure-FTPd vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-9274

[USN-4516-1] GnuPG vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-14855

USN-4518-1] xawtv vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-13696

[USN-4519-1] PulseAudio vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2020-15710

[USN-4520-1] Exim SpamAssassin vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-19920

[USN-4521-1] pam_tacplus vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-13881

[USN-4522-1] noVNC vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-18635

[USN-4523-1] LibOFX vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-9656

[USN-4524-1] TNEF vulnerabilities

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-18849

[USN-4525-1] Linux kernel vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-25212

CVE-2020-16166

CVE-2020-12888

CVE-2019-19054

CVE-2019-18808

[USN-4526-1] Linux kernel vulnerabilities

10 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-16166

CVE-2020-14356

CVE-2020-12888

CVE-2019-9445

CVE-2019-19074

CVE-2019-19073

CVE-2019-19067

CVE-2019-19061

CVE-2019-19054

CVE-2019-18808

[USN-4527-1] Linux kernel vulnerabilities

8 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS)

CVE-2020-25212

CVE-2020-0067

CVE-2019-9453

CVE-2019-9445

CVE-2019-20811

CVE-2019-19074

CVE-2019-19073

CVE-2019-19054

[USN-4528-1] Ceph vulnerabilities

3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-1760

CVE-2020-12059

CVE-2020-10753

[USN-4529-1] FreeImage vulnerabilities

2 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-12213

CVE-2019-12211

[USN-4531-1] BusyBox vulnerability

1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2018-1000500

[USN-4530-1] Debian-LAN vulnerabilities

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-3467

[USN-4532-1] Netty vulnerabilities

3 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-20445

CVE-2019-20444

CVE-2019-16869

[USN-4533-1] LTSP Display Manager vulnerabilities

1 CVEs addressed in Focal (20.04 LTS)

CVE-2019-20373

[USN-4534-1] Perl DBI module vulnerability

1 CVEs addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2019-20919

[USN-4535-1] RDFLib vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-7653

[USN-4537-1] Aptdaemon vulnerability

1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-15703

[USN-4538-1] PackageKit vulnerabilities

2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-16122

CVE-2020-16121

[USN-4536-1] SPIP vulnerabilities

7 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-16393

CVE-2019-19830

CVE-2017-15736

CVE-2019-16391

CVE-2019-11071

CVE-2019-16394

CVE-2019-16392

[USN-4539-1] AWL vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-11728

[USN-4540-1] atftpd vulnerabilities

2 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-11366

CVE-2019-11365

[USN-4542-1] MiniUPnPd vulnerabilities

5 CVEs addressed in Xenial (16.04 LTS)

CVE-2019-12111

CVE-2019-12110

CVE-2019-12109

CVE-2019-12108

CVE-2019-12107

[USN-4543-1] Sanitize vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-4054

[USN-4541-1] Gnuplot vulnerabilities

3 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-19492

CVE-2018-19491

CVE-2018-19490

[USN-4545-1] libquicktime vulnerabilities

7 CVEs addressed in Xenial (16.04 LTS)

CVE-2017-9125

CVE-2017-9128

CVE-2017-9127

CVE-2017-9126

CVE-2017-9124

CVE-2017-9123

CVE-2017-9122

[USN-4546-1] Firefox vulnerabilities

6 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)

CVE-2020-15678

CVE-2020-15677

CVE-2020-15676

CVE-2020-15675

CVE-2020-15674

CVE-2020-15673

[USN-3968-3] Sudo vulnerabilities

2 CVEs addressed in Trusty ESM (14.04 ESM)

CVE-2016-7032

CVE-2016-7076

[USN-4549-1] ImageMagick vulnerabilities

2 CVEs addressed in Focal (20.04 LTS)

CVE-2019-19949

CVE-2019-19948

[USN-4548-1] libuv vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-8252

[USN-4547-1] iTALC vulnerabilities

12 CVEs addressed in Bionic (18.04 LTS)

CVE-2018-7225

CVE-2018-20750

CVE-2018-20749

CVE-2018-20748

CVE-2018-20024

CVE-2018-20023

CVE-2018-20022

CVE-2018-20021

CVE-2018-20020

CVE-2018-20019

CVE-2018-15127

CVE-2019-15681

[USN-4553-1] Teeworlds vulnerability

1 CVEs addressed in Focal (20.04 LTS)

CVE-2020-12066

[USN-4552-1] Pam-python vulnerability

1 CVEs addressed in Bionic (18.04 LTS)

CVE-2019-16729

[USN-4550-1] DPDK vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-14378

CVE-2020-14377

CVE-2020-14376

CVE-2020-14375

CVE-2020-14374

[USN-4551-1] Squid vulnerabilities

4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)

CVE-2020-24606

CVE-2020-15811

CVE-2020-15810

CVE-2020-15049

[USN-4554-1] libPGF vulnerability

1 CVEs addressed in Xenial (16.04 LTS)

CVE-2015-6673

[USN-4547-2] SSVNC vulnerabilities

5 CVEs addressed in Xenial (16.04 LTS)

CVE-2018-20024

CVE-2018-2024

CVE-2018-20022

CVE-2018-20021

CVE-2018-20020

[USN-4556-1] netqmail vulnerabilities

5 CVEs addressed in Focal (20.04 LTS)

CVE-2020-3812

CVE-2020-3811

CVE-2005-1515

CVE-2005-1514

CVE-2005-1513

Goings on in Ubuntu Security Community

AppArmor 3.0 Release

https://gitlab.com/apparmor/apparmor/-/releases/v3.0.0

https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0

Ubuntu Security Related Webinars

FIPS certification and CIS compliance with Ubuntu Webinar

<2020-10-01 Thu>

More on the Ubuntu FIPS certification for cryptographic modules in Ubuntu

18.04 LTS and 16.04 LTS and the Ubuntu FIPS public cloud images

The difference between FIPS certified and FIPS compliant modules

More on compliance benchmark documentation for Ubuntu CIS compliance

How to quickly harden Ubuntu systems and easily view which rules your

systems are not compliant with using the CIS automation tooling from

Canonical [demo]

Presented by Vineetha Kamatha (Security Engineering Manager), Shaun

Murphy (Public Cloud Sr Product Manager) & Lech Sandecki (Product

Manager)

https://www.brighttalk.com/webcast/6793/432536/fips-certification-and-cis-compliance-with-ubuntu

Best Practices for Securing Open Source Webinar

<2020-10-08 Thu>

https://www.brighttalk.com/webcast/6793/440071

Presented by me :)

Get in contact

[email protected]

#ubuntu-security on the Libera.Chat IRC network

ubuntu-hardened mailing list

Security section on discourse.ubuntu.com

@ubuntu_sec on twitter

...more

Share Episode 92

Sign up to save your podcasts

Episode 92

Episode 92