USNs for ubuntu 19.10

USN-4323-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6821, CVE-2020-6822, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826) It was discovered that…

7 April 2020

USN-4322-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled randomness when performing DTLS negotiation. A remote attacker could possibly use this issue to obtain sensitive information, contrary to expectations.

7 April 2020

USN-4321-1: HAProxy vulnerability

Felix Wilhelm discovered that HAProxy incorrectly handled certain HTTP/2 requests. An attacker could possibly use this to execute arbitrary code.

7 April 2020

USN-4319-1: Linux kernel vulnerabilities

It was discovered that the IPMI message handler implementation in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19046) Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability….

6 April 2020

USN-4317-1: Firefox vulnerabilities

Two use-after-free bugs were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code.

4 April 2020

USN-4316-1: GD Graphics Library vulnerabilities

It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. (CVE-2018-14553) It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly…

2 April 2020

USN-4315-1: Apport vulnerabilities

Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. (CVE-2020-8831) Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions. This could allow a local attacker to…

2 April 2020

USN-4314-1: pam-krb5 vulnerability

Russ Allbery discovered that pam-krb5 incorrectly handled some responses. An attacker could possibly use this issue to execute arbitrary code.

31 March 2020

USN-4313-1: Linux kernel vulnerability

Manfred Paul discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information (kernel memory) or gain administrative privileges.

30 March 2020

USN-4311-1: BlueZ vulnerabilities

It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A local attacker could possibly use this issue to impersonate non-bonded devices. (CVE-2020-0556) It was discovered that BlueZ incorrectly handled certain commands. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or…

30 March 2020

USN-4312-1: Timeshift vulnerability

Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root.

30 March 2020

USN-4310-1: WebKitGTK+ vulnerability

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

30 March 2020

USN-4300-1: Linux kernel vulnerabilities

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). (CVE-2019-3016) Paulo…

25 March 2020

USN-4134-3: IBus vulnerability

USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability. We apologize for the inconvenience. Original advisory details: Simon McVittie discovered that IBus did…

24 March 2020

USN-4309-1: Vim vulnerabilities

It was discovered that Vim incorrectly handled certain sources. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS (CVE-2017-11109) It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute…

23 March 2020

USN-4308-1: Twisted vulnerabilities

it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. (CVE-2019-12387) It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this…

19 March 2020

USN-4171-5: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. This caused a regression in autopkgtest and python2 compatibility. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to…

18 March 2020

USN-4305-1: ICU vulnerability

André Bargull discovered that ICU incorrectly handled certain strings. An attacker could possibly use this issue to execute arbitrary code.

17 March 2020

USN-4304-1: Ceph vulnerability

Or Friedman discovered that Ceph incorrectly handled disconnects. A remote authenticated attacker could possibly use this issue to cause Ceph to consume resources, leading to a denial of service.

17 March 2020

USN-4299-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy (CSP) protections, or execute arbitrary…

11 March 2020

USN-4298-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13734, CVE-2019-13750, CVE-2019-13753) It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use…

10 March 2020

USN-4297-1: runC vulnerabilities

It was discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount over the /proc directory and escalate privileges. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-16884) It was discovered that runC incorrectly performed access control. An attacker could possibly use this issue…

9 March 2020

USN-4296-1: Django vulnerability

Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.

4 March 2020

USN-4295-1: Rake vulnerability

It was discovered that Rake incorrectly handled certain files. An attacker could use this issue to possibly execute arbitrary commands.

3 March 2020

USN-4294-1: OpenSMTPD vulnerabilities

It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell commands as any non-root user. (CVE-2020-8794) It was discovered that OpenSMTPD did not properly handle hardlinks under certain conditions. An unprivileged local attacker could read the first line…

2 March 2020

USN-4293-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. (CVE-2019-19221) It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a crash resulting in a denial of service or…

2 March 2020

USN-4278-3: Firefox regressions

USN-4278-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially …

26 February 2020

USN-4291-1: mod-auth-mellon vulnerability

It was discovered that mod_auth_mellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL.

24 February 2020

USN-4290-1: libpam-radius-auth vulnerability

It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service.

24 February 2020

USN-4289-1: Squid vulnerabilities

Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. (CVE-2019-12528) Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access…

20 February 2020

USN-4288-1: ppp vulnerability

It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.

20 February 2020

USN-4284-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615) It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device…

19 February 2020

USN-4283-1: QEMU vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2020-1711) It was discovered that the QEMU libslirp component…

18 February 2020

USN-4282-1: PostgreSQL vulnerability

It was discovered that PostgreSQL incorrectly performed authorization checks when handling the "ALTER … DEPENDS ON EXTENSION" sub-commands. A remote attacker could possibly use this issue to drop any function, procedure, materialized view, index, or trigger under certain conditions.

18 February 2020

USN-4281-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

18 February 2020

USN-4280-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled memory when the Data-Loss-Prevention (DLP) feature was enabled. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

18 February 2020

USN-4279-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose…

17 February 2020

USN-4278-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, or execute arbitrary code.

13 February 2020

USN-4277-1: libexif vulnerabilities

Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2016-6328) Lili Xu and Bingchang Liu discovered that libexif incorrectly handled…

11 February 2020

USN-4274-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595)

10 February 2020

USN-4275-1: Qt vulnerabilities

It was discovered that Qt incorrectly handled certain PPM images. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-19872) It was discovered that Qt incorrectly…

10 February 2020

USN-4250-2: MariaDB vulnerability

It was discovered that an unspecified vulnerability existed in the C API component of MariaDB. An attacker could use this to cause a denial of service for MariaDB clients. MariaDB has been updated to 10.3.22 in Ubuntu 19.10 and 10.1.44 in Ubuntu 18.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and…

6 February 2020

USN-4273-1: ReportLab vulnerability

It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code.

6 February 2020

USN-4272-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-16865, CVE-2019-19911) It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-5312) It was discovered that…

6 February 2020

USN-4271-1: Mesa vulnerability

Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive information belonging to another user.

6 February 2020

USN-4270-1: Exiv2 vulnerability

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service.

5 February 2020

USN-4269-1: systemd vulnerabilities

It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-16888) It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could…

5 February 2020

USN-4268-1: OpenSMTPD vulnerability

It was discovered that OpenSMTPD incorrectly verified the sender’s or receiver’s e-mail addresses under certain conditions. An attacker could use this vulnerability to execute arbitrary commands as root.

5 February 2020

USN-4265-1: SpamAssassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code.

4 February 2020

USN-4264-1: Django vulnerability

Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks.

4 February 2020

USN-4263-1: Sudo vulnerability

Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.

3 February 2020

USN-4234-2: Firefox regressions

USN-4234-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially…

30 January 2020

USN-4262-1: OpenStack Keystone vulnerability

Daniel Preussker discovered that OpenStack Keystone incorrectly handled the list credentials API. A user with a role on the project could use this issue to view any other user’s credentials.

30 January 2020

USN-4261-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

29 January 2020

USN-4257-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2020-2583) It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An…

28 January 2020

USN-4256-1: Cyrus SASL vulnerability

It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.

28 January 2020

USN-4253-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information.

28 January 2020

USN-4250-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.19 in Ubuntu 19.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.29. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly…

27 January 2020

USN-4249-1: e2fsprogs vulnerability

It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.

23 January 2020

USN-4247-2: python-apt regression

USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a…

22 January 2020

USN-4247-1: python-apt vulnerabilities

It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. (CVE-2019-15795) It was discovered that python-apt could install packages from untrusted repositories, contrary…

22 January 2020

USN-4245-1: PySAML2 vulnerability

It was discovered that PySAML2 incorrectly handled certain SAML files. An attacker could possibly use this issue to bypass signature verification with arbitrary data.

21 January 2020

USN-4244-1: Samba vulnerabilities

It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-14902) Robert Święcki discovered that Samba incorrectly handled certain character conversions when the log level is…

21 January 2020

USN-4242-1: Sysstat vulnerabilities

It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-16167) It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to execute…

20 January 2020

USN-4241-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting (XSS) attacks, or execute arbitrary code. (CVE-2019-17005, CVE-2019-17008, CVE-2019-17010,…

16 January 2020

USN-4239-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. (CVE-2019-11045) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose…

15 January 2020

USN-4237-1: SpamAssassin vulnerabilities

It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. (CVE-2018-11805) It was discovered that SpamAssassin incorrectly handled certain messages. A remote attacker could possibly use this issue…

13 January 2020

USN-4236-1: Libgcrypt vulnerability

It was discovered that Libgcrypt was susceptible to a ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information.

13 January 2020

USN-4235-1: nginx vulnerability

Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations.

13 January 2020

USN-4234-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy (CSP) restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code.

9 January 2020

USN-4231-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

8 January 2020

USN-4230-1: ClamAV vulnerability

It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

8 January 2020

USN-4225-1: Linux kernel vulnerabilities

It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901) It was discovered that a heap-based buffer overflow existed in the…

7 January 2020

USN-4224-1: Django vulnerability

Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts.

19 December 2019

USN-4223-1: OpenJDK vulnerabilities

Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side- channel vulnerability existed in the ECDSA implementation in OpenJDK. An Attacker could use this to expose sensitive information. (CVE-2019-2894) It was discovered that the Socket implementation in OpenJDK did not properly restrict the creation of subclasses with a custom…

17 December 2019

USN-4202-2: Thunderbird regression

USN-4202-1 fixed vulnerabilities in Thunderbird. After upgrading, Thunderbird created a new profile for some users. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid…

10 December 2019

USN-4220-1: Git vulnerabilities

Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.

10 December 2019

USN-4219-1: libssh vulnerability

It was discovered that libssh incorrectly handled certain scp commands. If a user or automated system were tricked into using a specially-crafted scp command, a remote attacker could execute arbitrary commands on the server.

10 December 2019

USN-4217-1: Samba vulnerabilities

Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. (CVE-2019-14861) Isaac Boukris discovered that Samba did not enforce the Kerberos DelegationNotAllowed feature restriction, contrary to…

10 December 2019

USN-4216-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code.

9 December 2019

USN-4214-1: RabbitMQ vulnerability

It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

5 December 2019

USN-4213-1: Squid vulnerabilities

Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks and access restricted servers. This issue was only addressed in Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-12523) Jeriko One discovered that Squid incorrectly handed URN…

4 December 2019

USN-4212-1: HAProxy vulnerability

Tim Düsterhus discovered that HAProxy incorrectly handled certain HTTP/2 headers. An attacker could possibly use this issue to execute arbitrary code through CRLF injection.

4 December 2019

USN-4182-3: Intel Microcode regression

USN-4182-1 provided updated Intel Processor Microcode. A regression was discovered that caused some Skylake processors to hang after a warm reboot. This update reverts the microcode for that specific processor family. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro…

4 December 2019

USN-4208-1: Linux kernel vulnerabilities

Jann Horn discovered that the OverlayFS and ShiftFS Drivers in the Linux kernel did not properly handle reference counting during memory mapping operations when used in conjunction with AUFS. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15794) Nicolas Waisman discovered…

2 December 2019

USN-4205-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740) It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue…

2 December 2019

USN-4204-1: psutil vulnerability

Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.

28 November 2019

USN-4203-1: NSS vulnerability

It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

27 November 2019

USN-4202-1: Thunderbird vulnerabilities

It was discovered that a specially crafted S/MIME message with an inner encryption layer could be displayed as having a valid signature in some circumstances, even if the signer had no access to the encrypted message. An attacker could potentially exploit this to spoof the message author. (CVE-2019-11755) Multiple security issues were discovered…

26 November 2019

USN-4201-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain files. An attacker could possibly use this issue to pass path matching what can lead to an unauthorized access. (CVE-2019-15845) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could use this issue to cause a denial of service. (CVE-2019-16201) It…

26 November 2019

USN-4189-2: DPDK regression

USN-4189-1 fixed a vulnerability in DPDK. The new version introduced a regression in certain environments. This update fixes the problem. Original advisory details: Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting…

25 November 2019

USN-4198-1: DjVuLibre vulnerabilities

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code.

21 November 2019

USN-4197-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service.

21 November 2019

USN-4195-2: MariaDB vulnerabilities

USN-4195-1 fixed multiple vulnerabilities in MySQL. This update provides the corresponding fixes for CVE-2019-2974 in MariaDB 10.1 and CVE-2019-2938, CVE-2019-2974 for MariaDB 10.3. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.43. Ubuntu 19.04 and 19.10 has been updated to MariaDB 10.3.20. In addition to security fixes, the updated package…

20 November 2019

USN-4196-1: python-ecdsa vulnerabilities

It was discovered that python-ecdsa incorrectly handled certain signatures. A remote attacker could possibly use this issue to cause python-ecdsa to generate unexpected exceptions, resulting in a denial of service. (CVE-2019-14853) It was discovered that python-ecdsa incorrectly verified DER encoding in signatures. A remote attacker could use…

18 November 2019

USN-4195-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.18 in Ubuntu 19.10. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.04 have been updated to MySQL 5.7.28. In addition to security fixes, the updated packages contain bug fixes, new features,…

18 November 2019

USN-4194-1: postgresql-common vulnerability

Rich Mirch discovered that the postgresql-common pg_ctlcluster script incorrectly handled directory creation. A local attacker could possibly use this issue to escalate privileges.

14 November 2019

USN-4193-1: Ghostscript vulnerability

Paul Manfred and Lukas Schauer discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

14 November 2019

USN-4192-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

14 November 2019

USN-4191-1: QEMU vulnerabilities

It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. (CVE-2019-12068) Sergej Schumilo, Cornelius Aschermann and Simon Wörner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a…

14 November 2019

USN-4183-2: Linux kernel vulnerability

USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian…

13 November 2019

USN-4189-1: DPDK vulnerability

Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service.

13 November 2019

USN-4183-1: Linux kernel vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…

13 November 2019

USN-4182-1: Intel Microcode update

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…

12 November 2019

USN-4181-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

12 November 2019

USN-4179-1: FriBidi vulnerability

Alex Murray discovered a stack-based buffer overflow when handling a large number of unicode isolate directives. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

7 November 2019

USN-4177-1: Rygel vulnerability

It was discovered that the Rygel package automatically started the daemon by default in user sessions. In certain environments, this resulted in media being shared contrary to expectations.

6 November 2019

USN-4176-1: GNU cpio vulnerability

Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to privilege escalation.

6 November 2019

USN-4165-2: Firefox regressions

USN-4165-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially…

5 November 2019

USN-4175-1: Nokogiri vulnerability

It was discovered that Nokogiri incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands.

5 November 2019

USN-4174-1: HAproxy vulnerability

It was discovered that HAproxy incorrectly handled certain HTTP requests. An attacker could possibly use this issue to a privilege escalation (Request Smuggling).

5 November 2019

USN-4171-3: Apport regression

USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression in the Python Apport library. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to…

5 November 2019

USN-4170-3: Whoopsie regression

USN-4170-1 fixed a vulnerability in Whoopsie and USN-4170-2 fixed a subsequent regression. That update was incomplete and could still result in Whoopsie potentially crashing when uploading crash reports on some architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse…

5 November 2019

USN-4170-2: Whoopsie regression

USN-4170-1 fixed a vulnerability in Whoopsie. The update caused Whoopsie to crash when sending reports. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a…

30 October 2019

USN-4173-1: FreeTDS vulnerability

Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly execute arbitrary code.

30 October 2019

USN-4172-1: file vulnerability

It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

30 October 2019

USN-4171-1: Apport vulnerabilities

Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481) Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a…

30 October 2019

USN-4170-1: Whoopsie vulnerability

Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute code as the whoopsie user.

30 October 2019

USN-4167-1: Samba vulnerabilities

Michael Hanselmann discovered that the Samba client code incorrectly handled path separators. If a user were tricked into connecting to a malicious server, a remote attacker could use this issue to cause the client to access local pathnames instead of network pathnames. (CVE-2019-10218) Simon Fonteneau and Björn Baumbach discovered that Samba…

29 October 2019

USN-4166-1: PHP vulnerability

It was discovered that PHP incorrectly handled certain paths when being used in FastCGI configurations. A remote attacker could possibly use this issue to execute arbitrary code.

28 October 2019

USN-4165-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, bypass content security policy (CSP)…

23 October 2019

USN-4164-1: Libxslt vulnerabilities

It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118) It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to execute arbitrary…

22 October 2019

USN-4161-1: Linux kernel vulnerability

It was discovered that the IPv6 routing implementation in the Linux kernel contained a reference counting error leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

21 October 2019

USN-4159-1: Exiv2 vulnerability

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

21 October 2019

USN-4155-2: Aspell vulnerability

USN-4155-1 fixed a vulnerability in Aspell. This update provides the corresponding update for Ubuntu 19.10. Original advisory details: It was discovered that Aspell incorrectly handled certain inputs. An attacker could potentially access sensitive information.

21 October 2019