Wednesday, February 28, 2018

[opensuse-announce] openSUSE Board 2018 Elections

It's that time of year again. There will be 3 seats to be elected, all
for a standard 2 year term:

1/ 2018-02-26(Phase 0)

Announcement of the openSUSE Board election for 2018.
Start of 3 week period to apply for an openSUSE membership (in order to
vote or candidate).
Start of 3 week phase to stand for a position in the openSUSE Board.

2/ 2018-03-11

Notification of intent to run, and application for an openSUSE
membership close (end of phase 0).

3/ 2018-03-12(Phase 1)

Start of campaign for the candidates before the ballots open (campaign
might be done until ballots close).

4/ 2018-04-2 (Phase 2)

Ballots open: Please cast your vote here!

5/ 2018-04-13

Ballots close (end of phase 2)

6/ 2018-04-16

Announcement of the results


--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org

[announce] Open Letter from The Tor BSD Diversity Project

Greetings.

This letter has started circulating around the community, and should be
of interest to both talk@ and announce@ subscribers. Note that the two
New York Internet boxes are up and running, and their two relays should
be operational in the next day or two.

https://torbsd.org/open-letter.html

****

An Open Letter to BSD-powered Companies and Projects

For three years, the Tor BSD Diversity Project (TDP) has worked to bring
the BSDs into the mainstream of the privacy-enhancing technology
ecosystem (PETs).

We aim to expand the use of the BSDs as a platform for Tor relays,
public nodes in the Tor anonymity network. Tor is a critical tool for
maintaining privacy online, frequently employed by journalists, human
rights workers and those residing in repressive and censored environments.

Many people in the BSD community know about TDP, whether from BSD
conferences or our development work, such as porting Tor Browser to
OpenBSD. We are committed to extending the presence of all the BSDs into
the PETs ecosystem, yet beyond our immediate circles we also believe
untapped resources in the BSD community need to be enlisted.

A large number of major firms employ BSD code and systems in their
business. From enterprise-grade backup firms to internet service
providers, the BSDs are a popular operating system option.

TDP is requesting that firms which rely on the BSDs and related
open-source projects run a Tor relay or bridge in their name.

New York Internet, a data center firm that employs FreeBSD and already
hosts the US east coast FreeBSD mirror, committed to running two
high-bandwidth relays, maintained by their staff with TDP assistance.
Their relays are provisioned and "NewYorkInternet0" and
"NewYorkInternet1" should be up and running soon. We hope their example
can be the first among many for BSD-based enterprises.

TDP is in discussions with several other entities to run public relays,
and we look forward to other announcements in the near future.

This open letter also is addressed to the various BSD software projects.
There are few better badges of a trusted Tor node than one provided by a
BSD or derivative project.

Why would a firm or project operate a Tor relay?

First, running a Tor relay extends the most critical public tool for
online privacy and anonymity. Tor enables journalists' leads to be
anonymous and client-attorney privilege to actually be confidential. In
a time when privacy in any form is under attack, Tor is a lifeline for
many people.

Second, the majority of Tor relays run Linux. This operating system
monoculture affects the overall integrity of the Tor network. It also
means that the default operating system for a new generation of young
hackers is Linux, and not a BSD. Ultimately, it means a smaller pool of
users familiar with the BSDs.

Running a Tor relay doesn't mean a significant commitment in terms of
resources and bandwidth. The relay doesn't necessarily have to allow
"exit traffic", which tends to be the target for IP blacklists and DMCA
complaints. It would also be helpful if your entity just ran a Tor
bridge, essentially a private gateway into the Tor network for censored
users. Bridge IPs are not publicly available, yet are a critical
mitigation against internet censors.

Finally, there is a broader advantage to BSD firms running Tor relays:
an example of your commitment to a free and uncensored internet.

Beyond running a relay to support the Tor network in general, there is
also the possibility of making your own services available over the Tor
network via a .onion address. Firms such as Facebook illustrate the
advantage of explicitly offering a .onion address for their site, as it
provides users additional security and privacy guarantees above and
beyond those given by the public internet. Integrating Tor into your
internet presence may be more work than just running a Tor node, but it
also gives more weight to the idea that privacy is a feature that users
need, desire and can reasonably expect.

If you have further questions about running a Tor relay or bridge as an
enterprise, consult our evolving FAQ, or contact us.

If your entity isn't ready to run a Tor node, but you're interested in
donating resources such as bandwidth, hardware or some type of monetary
support, contact us. TDP looks forward to assisting your staff in
configuring and maintaining BSD relays.

TorBSD@torbsd.org (GPG Key)

_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

[USN-3579-2] LibreOffice regression

==========================================================================
Ubuntu Security Notice USN-3579-2
February 28, 2018

libreoffice regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

USN-3579-1 caused a regression in LibreOffice.

Software Description:
- libreoffice: Office productivity suite

Details:

USN-3579-1 fixed a vulnerability in LibreOffice. After upgrading, it was
no longer possible for LibreOffice to open documents from certain
locations outside of the user's home directory. This update fixes the
problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that =WEBSERVICE calls in a document could be used to
read arbitrary files. If a user were tricked into opening a specially
crafted document, a remote attacker could exploit this to obtain sensitive
information. (CVE-2018-6871)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
libreoffice-common 1:5.4.5-0ubuntu0.17.10.4

After a standard system update you need to restart LibreOffice to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3579-2
https://usn.ubuntu.com/usn/usn-3579-1
https://launchpad.net/bugs/1751005

Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/1:5.4.5-0ubuntu0.17.10.4

OpenBSD Errata: March 1st, 2018 (meltdown)

Errata patches for a speculative execution flaw in Intel CPUs have been
released for OpenBSD 6.2 and 6.1.

Intel CPUs contain a flaw called "Meltdown" which allows userspace programs
to access kernel memory.

Binary updates for the amd64 platform are available via the syspatch utility.
Source code patches can be found on the respective errata pages:

https://www.openbsd.org/errata61.html
https://www.openbsd.org/errata62.html

As these affect the kernel, a reboot will be needed after patching.

[CentOS-announce] CESA-2018:0350 Important CentOS 7 gcab Security Update

CentOS Errata and Security Advisory 2018:0350 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0350

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
f172ac9bbbbc30f74002bfd179ca8c5e3bafdfd3932446c8f7029b1524bcf1d4 gcab-0.7-4.el7_4.x86_64.rpm
14dd5e016d3a137a398061627c36c9d39e5b48e1e90cb69ac8055bcd3b9eeeac libgcab1-0.7-4.el7_4.i686.rpm
57a7bcffe10f0f231769d7d95185c4ae9960512874b72a08616ad31943581504 libgcab1-0.7-4.el7_4.x86_64.rpm
954395631dcba4a37c80feec8cd6357ca04863ff1ae4d64f14023c64072b4d87 libgcab1-devel-0.7-4.el7_4.i686.rpm
fec5a948fdae12f5a0c62bc54fde879be283e1605462e7ba834ad863ca78ee2c libgcab1-devel-0.7-4.el7_4.x86_64.rpm

Source:
25fd25e04b094da2fb0bd53595f11902fcc9c784ba9d470ac7c6281fb1f8cbc0 gcab-0.7-4.el7_4.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2018:0349 Important CentOS 7 java-1.7.0-openjdk Security Update

CentOS Errata and Security Advisory 2018:0349 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0349

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
6f912645f951cbaa4bdecf0e8ebf94989d449347354b523cf564cc1878f4cf6d java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm
9cf6333d77597fa9105ffd9dfbda0834d1559d5c8ea96b2c534d52e351ccb22d java-1.7.0-openjdk-accessibility-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm
3488e88d268a606ff504c7fce522979574840a4bc3622329d0f1937cf25809a0 java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm
db2bacd8b44684ed3ec345312a5735a30cb43522e685b6b50b7952949242b9ae java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm
682a3b811be97f896cc96cacb8a0305bc36a144579868fa7db8f3b80447a319e java-1.7.0-openjdk-headless-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm
261e18e5fe67c742c69eefcdd60172d866aafd2c36e31dfe12afffdd464f22be java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el7_4.noarch.rpm
0b80b903b2e1dda0bb1b19f5bab3f5ea56fb3ab0418004ffbc05d0169ac55677 java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el7_4.x86_64.rpm

Source:
0638716bc311fcd8b41c25eb918957d9bcc8d8d90bbff6becfbad8e12a2f2805 java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el7_4.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2018:0349 Important CentOS 6 java-1.7.0-openjdk Security Update

CentOS Errata and Security Advisory 2018:0349 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0349

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
25621bf1dabaf8d41c99d1442ce2cd88eb00635ac1197bc5d4af967edb640911 java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.i686.rpm
fd90cfe03e59ba60e0f7839ecab2320c49fc6279ea484c71a430d930c907e29a java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el6_9.i686.rpm
b06939f1a4c10e735464804d50f0cb41a1b33a3f1f23652bbcfc730c3e841a17 java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el6_9.i686.rpm
8b1c571ceafaa9ef20510f0aed1b6986e5e138f9c61650c380678df7479759bb java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el6_9.noarch.rpm
0af4d015904759c1baa612ec873ff249ce01114c770961f7cb1663b7923acba1 java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el6_9.i686.rpm

x86_64:
a2fbc3409ece060461e3078e6c89574130ef5b3c61296619a1f92f22938116e2 java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.x86_64.rpm
5f9392cda539d562e03fd78928fc13e08dc7800ebbbdeefd6f10ca0f5afadffe java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el6_9.x86_64.rpm
a37bab5c919e367a443d66a67959aad210f2819b7e5a16fb349b462d7347129c java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el6_9.x86_64.rpm
8b1c571ceafaa9ef20510f0aed1b6986e5e138f9c61650c380678df7479759bb java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el6_9.noarch.rpm
6fc3136630f186350a4d77543fa62048dee2da8702cbd4dad8b840d844113663 java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el6_9.x86_64.rpm

Source:
fdf94e5cfc95f0556f3e1171ad8a2d1dc462d84ed4c611786ff058e2fe1189cb java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


Tuesday, February 27, 2018

REMINDER: Fedora 28 Change Checkpoint: 100% Code Complete Deadline & Beta Freeze in 1 week

The next Tuesday, on 2018-Mar-06, we will reach two important
milestones of the Fedora 28 release [1]:

== Change Checkpoint: 100% Code Complete Deadline [2] ==
* New accepted changes must be code complete, meaning all the code
required to enable the new change is finished.
* The level of code completeness is reflected as tracker bug state
ON_QA. The change does not have to be fully tested by this deadline.

== Beta Freeze [3] ==
Only packages which fix accepted blocker or freeze exception bugs [4]
will be marked as 'stable' and included in the Beta composes. Other
builds will remain in updates-testing until the Beta release is
approved, at which point the Beta freeze is lifted and packages can
move to 'stable' as usual until the Final freeze.

[1] https://fedoraproject.org/wiki/Releases/28/Schedule
[2] https://fedoraproject.org/wiki/Changes/Policy
[3] https://fedoraproject.org/wiki/Milestone_freezes
[4] https://qa.fedoraproject.org/blockerbugs/milestone/28/beta/buglist

Regards,
Jan
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org

Monday, February 26, 2018

[USN-3584-1] sensible-utils vulnerability

==========================================================================
Ubuntu Security Notice USN-3584-1
February 26, 2018

sensible-utils vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

sensible-utils could be made to run programs as your login if it opened a
malicious URL.

Software Description:
- sensible-utils: Utilities for sensible alternative selection

Details:

Gabriel Corona discovered that sensible-utils incorrectly validated strings
when launching a browser with the sensible-browser tool. A remote attacker
could possibly use this issue with a specially crafted URL to conduct an
argument injection attack and execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
sensible-utils 0.0.10ubuntu0.1

Ubuntu 16.04 LTS:
sensible-utils 0.0.9ubuntu0.16.04.1

Ubuntu 14.04 LTS:
sensible-utils 0.0.9ubuntu0.14.04.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3584-1
CVE-2017-17512

Package Information:
https://launchpad.net/ubuntu/+source/sensible-utils/0.0.10ubuntu0.1
https://launchpad.net/ubuntu/+source/sensible-utils/0.0.9ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/sensible-utils/0.0.9ubuntu0.14.04.1

Friday, February 23, 2018

Fedora 28 Spins page: spin/labs owners please test

Greetings.

Per this fesco ticket:
https://pagure.io/fesco/issue/1714

I have created the Fedora 28 spins/labs page:
https://fedoraproject.org/wiki/Releases/28/Spins

All spin maintainers/owners/interested parties should test their spins
and at least update this wiki page with beta/final testing. Spins that
don't have at least one tester at Beta may be dropped and not shipped in
Final, so PLEASE make sure at least someone tests.

Spin maintainers are also encouraged to test their spin more often and
make sure it's composing correctly every day for Branched f28 and rawhide.

Thanks,

kevin

[USN-3583-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3583-1
February 23, 2018

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

It was discovered that an out-of-bounds write vulnerability existed in the
Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could
construct a malicious file system that, when mounted, could cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-0750)

It was discovered that a race condition leading to a use-after-free
vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-0861)

It was discovered that the KVM implementation in the Linux kernel allowed
passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM
could use this to cause a denial of service (system crash) in the host OS.
(CVE-2017-1000407)

Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_ADMIN privilege could use this to cause a
denial of service (system crash). (CVE-2017-12153)

Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel
did not properly track reference counts when merging buffers. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-12190)

It was discovered that the key management subsystem in the Linux kernel did
not properly restrict key reads on negatively instantiated keys. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2017-12192)

It was discovered that an integer overflow existed in the sysfs interface
for the QLogic 24xx+ series SCSI driver in the Linux kernel. A local
privileged attacker could use this to cause a denial of service (system
crash). (CVE-2017-14051)

Otto Ebeling discovered that the memory manager in the Linux kernel did not
properly check the effective UID in some situations. A local attacker could
use this to expose sensitive information. (CVE-2017-14140)

It was discovered that the ATI Radeon framebuffer driver in the Linux
kernel did not properly initialize a data structure returned to user space.
A local attacker could use this to expose sensitive information (kernel
memory). (CVE-2017-14156)

ChunYu Wang discovered that the iSCSI transport implementation in the Linux
kernel did not properly validate data structures. A local attacker could
use this to cause a denial of service (system crash). (CVE-2017-14489)

James Patrick-Evans discovered a race condition in the LEGO USB Infrared
Tower driver in the Linux kernel. A physically proximate attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15102)

ChunYu Wang discovered that a use-after-free vulnerability existed in the
SCTP protocol implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15115)

It was discovered that the key management subsystem in the Linux kernel did
not properly handle NULL payloads with non-zero length values. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2017-15274)

It was discovered that the Bluetooth Network Encapsulation Protocol (BNEP)
implementation in the Linux kernel did not validate the type of socket
passed in the BNEPCONNADD ioctl(). A local attacker with the CAP_NET_ADMIN
privilege could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-15868)

Andrey Konovalov discovered a use-after-free vulnerability in the USB
serial console driver in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2017-16525)

It was discovered that the netfilter passive OS fingerprinting (xt_osf)
module did not properly perform access control checks. A local attacker
could improperly modify the systemwide OS fingerprint list.
(CVE-2017-17450)

It was discovered that the HMAC implementation did not validate the state
of the underlying cryptographic hash algorithm. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-17806)

Denys Fedoryshchenko discovered a use-after-free vulnerability in the
netfilter xt_TCPMSS filter of the Linux kernel. A remote attacker could use
this to cause a denial of service (system crash). (CVE-2017-18017)

Gareth Evans discovered that the shm IPC subsystem in the Linux kernel did
not properly restrict mapping page zero. A local privileged attacker could
use this to execute arbitrary code. (CVE-2017-5669)

It was discovered that an integer overflow vulnerability existed in the
IPv6 implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (infinite loop). (CVE-2017-7542)

Tommi Rantala and Brad Spengler discovered that the memory manager in the
Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection
mechanism. A local attacker with access to /dev/mem could use this to
expose sensitive information or possibly execute arbitrary code.
(CVE-2017-7889)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

Mohamed Ghannam discovered a null pointer dereference in the RDS (Reliable
Datagram Sockets) protocol implementation of the Linux kernel. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-5333)

范龙飞 discovered that a race condition existed in the loop block device
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5344)

USN-3524-1 mitigated CVE-2017-5754 (Meltdown) for the amd64
architecture in Ubuntu 14.04 LTS. This update provides the
corresponding mitigations for the ppc64el architecture. Original
advisory details:

Jann Horn discovered that microprocessors utilizing speculative execution
and indirect branch prediction may allow unauthorized memory reads via
sidechannel attacks. This flaw is known as Meltdown. A local attacker could
use this to expose sensitive information, including kernel memory.
(CVE-2017-5754)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-142-generic 3.13.0-142.191
linux-image-3.13.0-142-generic-lpae 3.13.0-142.191
linux-image-3.13.0-142-lowlatency 3.13.0-142.191
linux-image-3.13.0-142-powerpc-e500 3.13.0-142.191
linux-image-3.13.0-142-powerpc-e500mc 3.13.0-142.191
linux-image-3.13.0-142-powerpc-smp 3.13.0-142.191
linux-image-3.13.0-142-powerpc64-emb 3.13.0-142.191
linux-image-3.13.0-142-powerpc64-smp 3.13.0-142.191
linux-image-generic 3.13.0.142.152
linux-image-generic-lpae 3.13.0.142.152
linux-image-lowlatency 3.13.0.142.152
linux-image-powerpc-e500 3.13.0.142.152
linux-image-powerpc-e500mc 3.13.0.142.152
linux-image-powerpc-smp 3.13.0.142.152
linux-image-powerpc64-emb 3.13.0.142.152
linux-image-powerpc64-smp 3.13.0.142.152

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3583-1
CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153,
CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140,
CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115,
CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450,
CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-5754,
CVE-2017-7542, CVE-2017-7889, CVE-2017-8824, CVE-2018-5333,
CVE-2018-5344

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-142.191

[USN-3583-2] Linux kernel (Trusty HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3583-2
February 23, 2018

linux-lts-trusty vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM

Details:

USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.

It was discovered that an out-of-bounds write vulnerability existed in the
Flash-Friendly File System (f2fs) in the Linux kernel. An attacker could
construct a malicious file system that, when mounted, could cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2017-0750)

It was discovered that a race condition leading to a use-after-free
vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-0861)

It was discovered that the KVM implementation in the Linux kernel allowed
passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM
could use this to cause a denial of service (system crash) in the host OS.
(CVE-2017-1000407)

Bo Zhang discovered that the netlink wireless configuration interface in
the Linux kernel did not properly validate attributes when handling certain
requests. A local attacker with the CAP_NET_ADMIN privilege could use this to cause a
denial of service (system crash). (CVE-2017-12153)

Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel
did not properly track reference counts when merging buffers. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-12190)

It was discovered that the key management subsystem in the Linux kernel did
not properly restrict key reads on negatively instantiated keys. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2017-12192)

It was discovered that an integer overflow existed in the sysfs interface
for the QLogic 24xx+ series SCSI driver in the Linux kernel. A local
privileged attacker could use this to cause a denial of service (system
crash). (CVE-2017-14051)

Otto Ebeling discovered that the memory manager in the Linux kernel did not
properly check the effective UID in some situations. A local attacker could
use this to expose sensitive information. (CVE-2017-14140)

It was discovered that the ATI Radeon framebuffer driver in the Linux
kernel did not properly initialize a data structure returned to user space.
A local attacker could use this to expose sensitive information (kernel
memory). (CVE-2017-14156)

ChunYu Wang discovered that the iSCSI transport implementation in the Linux
kernel did not properly validate data structures. A local attacker could
use this to cause a denial of service (system crash). (CVE-2017-14489)

James Patrick-Evans discovered a race condition in the LEGO USB Infrared
Tower driver in the Linux kernel. A physically proximate attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15102)

ChunYu Wang discovered that a use-after-free vulnerability existed in the
SCTP protocol implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15115)

It was discovered that the key management subsystem in the Linux kernel did
not properly handle NULL payloads with non-zero length values. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2017-15274)

It was discovered that the Bluetooth Network Encapsulation Protocol (BNEP)
implementation in the Linux kernel did not validate the type of socket
passed in the BNEPCONNADD ioctl(). A local attacker with the CAP_NET_ADMIN
privilege could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-15868)

Andrey Konovalov discovered a use-after-free vulnerability in the USB
serial console driver in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2017-16525)

It was discovered that the netfilter passive OS fingerprinting (xt_osf)
module did not properly perform access control checks. A local attacker
could improperly modify the systemwide OS fingerprint list.
(CVE-2017-17450)

It was discovered that the HMAC implementation did not validate the state
of the underlying cryptographic hash algorithm. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-17806)

Denys Fedoryshchenko discovered a use-after-free vulnerability in the
netfilter xt_TCPMSS filter of the Linux kernel. A remote attacker could use
this to cause a denial of service (system crash). (CVE-2017-18017)

Gareth Evans discovered that the shm IPC subsystem in the Linux kernel did
not properly restrict mapping page zero. A local privileged attacker could
use this to execute arbitrary code. (CVE-2017-5669)

It was discovered that an integer overflow vulnerability existed in the
IPv6 implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (infinite loop). (CVE-2017-7542)

Tommi Rantala and Brad Spengler discovered that the memory manager in the
Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection
mechanism. A local attacker with access to /dev/mem could use this to
expose sensitive information or possibly execute arbitrary code.
(CVE-2017-7889)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

Mohamed Ghannam discovered a null pointer dereference in the RDS (Reliable
Datagram Sockets) protocol implementation of the Linux kernel. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-5333)

范龙飞 discovered that a race condition existed in the loop block device
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5344)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
linux-image-3.13.0-142-generic 3.13.0-142.191~precise1
linux-image-3.13.0-142-generic-lpae 3.13.0-142.191~precise1
linux-image-generic-lpae-lts-trusty 3.13.0.142.133
linux-image-generic-lts-trusty 3.13.0.142.133

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3583-2
https://usn.ubuntu.com/usn/usn-3583-1
CVE-2017-0750, CVE-2017-0861, CVE-2017-1000407, CVE-2017-12153,
CVE-2017-12190, CVE-2017-12192, CVE-2017-14051, CVE-2017-14140,
CVE-2017-14156, CVE-2017-14489, CVE-2017-15102, CVE-2017-15115,
CVE-2017-15274, CVE-2017-15868, CVE-2017-16525, CVE-2017-17450,
CVE-2017-17806, CVE-2017-18017, CVE-2017-5669, CVE-2017-7542,
CVE-2017-7889, CVE-2017-8824, CVE-2018-5333, CVE-2018-5344

[USN-3581-3] Linux kernel (Raspberry Pi 2) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3581-3
February 23, 2018

linux-raspi2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)

ChunYu Wang discovered that a use-after-free vulnerability existed in the
SCTP protocol implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15115)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
linux-image-4.13.0-1014-raspi2 4.13.0-1014.15
linux-image-raspi2 4.13.0.1014.12

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3581-3
https://usn.ubuntu.com/usn/usn-3581-1
CVE-2017-15115, CVE-2017-17712, CVE-2017-8824

Package Information:
https://launchpad.net/ubuntu/+source/linux-raspi2/4.13.0-1014.15

Thursday, February 22, 2018

[LSN-0035-1] Linux kernel vulnerability

==========================================================================
Kernel Live Patch Security Notice LSN-0035-1
February 22, 2018

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu:

| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |

Summary:

On February 22, fixes for CVE-2017-5715 were released into the Ubuntu Xenial
kernel version 4.4.0-116.140. This CVE, also known as "Spectre," is caused
by flaws in the design of speculative execution hardware in the computer's
CPU, and could be used to access sensitive information in kernel memory.

The mitigation for "Spectre" is accomplished using retpoline, a new compiler
feature that prevents speculation when an indirect call is made. Unfortunately,
it is not possible to generate a livepatch when a compiler change is required
by a fix, as livepatches must be generated with the same compiler as the
target kernel. Please plan to reboot into kernel version 4.4.0-116.140 or
newer as soon as possible.

Additional details on the vulnerability and our response can be found here:
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

Software Description:
- linux: Linux kernel

Update instructions:

The problem can be corrected by installing an updated kernel with these
fixes and rebooting.

References:
CVE-2017-5715

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

[USN-3578-1] WavPack vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3578-1
February 22, 2018

wavpack vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

Several security issues were fixed in WavPack.

Software Description:
- wavpack: audio codec (lossy and lossless) - encoder and decoder

Details:

It was discovered that WavPack incorrectly handled certain DSDIFF
files. An attacker could possibly use this to execute arbitrary code or
cause a denial of service. (CVE-2018-7253)

It was discovered that WavPack incorrectly handled certain CAF files.
An attacker could possibly use this to cause a denial of service.
(CVE-2018-7254)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  libwavpack1                     5.1.0-2ubuntu0.2
  wavpack                         5.1.0-2ubuntu0.2

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3578-1
  CVE-2018-7253, CVE-2018-7254

Package Information:
  https://launchpad.net/ubuntu/+source/wavpack/5.1.0-2ubuntu0.2

[USN-3582-2] Linux kernel (Xenial HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3582-2
February 22, 2018

linux-lts-xenial, linux-aws vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)

Laurent Guerby discovered that the mbcache feature in the ext2 and ext4
filesystems in the Linux kernel improperly handled xattr block caching. A
local attacker could use this to cause a denial of service. (CVE-2015-8952)

Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel
did not properly track reference counts when merging buffers. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-12190)

ChunYu Wang discovered that a use-after-free vulnerability existed in the
SCTP protocol implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15115)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

USN-3540-2 mitigated CVE-2017-5715 (Spectre Variant 2) for the
amd64 architecture in Ubuntu 14.04 LTS. This update provides the
compiler-based retpoline kernel mitigation for the amd64 and i386
architectures. Original advisory details:

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory. (CVE-2017-5715)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-4.4.0-1014-aws 4.4.0-1014.14
linux-image-4.4.0-116-generic 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-generic-lpae 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-lowlatency 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-powerpc-e500mc 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-powerpc-smp 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-powerpc64-emb 4.4.0-116.140~14.04.1
linux-image-4.4.0-116-powerpc64-smp 4.4.0-116.140~14.04.1
linux-image-aws 4.4.0.1014.14
linux-image-generic-lpae-lts-xenial 4.4.0.116.98
linux-image-generic-lts-xenial 4.4.0.116.98
linux-image-lowlatency-lts-xenial 4.4.0.116.98
linux-image-powerpc-e500mc-lts-xenial 4.4.0.116.98
linux-image-powerpc-smp-lts-xenial 4.4.0.116.98
linux-image-powerpc64-emb-lts-xenial 4.4.0.116.98
linux-image-powerpc64-smp-lts-xenial 4.4.0.116.98

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3582-2
https://usn.ubuntu.com/usn/usn-3582-1
CVE-2015-8952, CVE-2017-12190, CVE-2017-15115, CVE-2017-17712,
CVE-2017-5715, CVE-2017-8824

Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1014.14
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-116.140~14.04.1

[USN-3582-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3582-1
February 22, 2018

linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon processors

Details:

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)

Laurent Guerby discovered that the mbcache feature in the ext2 and ext4
filesystems in the Linux kernel improperly handled xattr block caching. A
local attacker could use this to cause a denial of service. (CVE-2015-8952)

Vitaly Mayatskikh discovered that the SCSI subsystem in the Linux kernel
did not properly track reference counts when merging buffers. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2017-12190)

ChunYu Wang discovered that a use-after-free vulnerability existed in the
SCTP protocol implementation in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-15115)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

USN-3540-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the
amd64 architecture in Ubuntu 16.04 LTS. This update provides the
compiler-based retpoline kernel mitigation for the amd64 and i386
architectures. Original advisory details:

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory. (CVE-2017-5715)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-1019-kvm 4.4.0-1019.24
linux-image-4.4.0-1052-aws 4.4.0-1052.61
linux-image-4.4.0-1085-raspi2 4.4.0-1085.93
linux-image-4.4.0-1087-snapdragon 4.4.0-1087.92
linux-image-4.4.0-116-generic 4.4.0-116.140
linux-image-4.4.0-116-generic-lpae 4.4.0-116.140
linux-image-4.4.0-116-lowlatency 4.4.0-116.140
linux-image-4.4.0-116-powerpc-e500mc 4.4.0-116.140
linux-image-4.4.0-116-powerpc-smp 4.4.0-116.140
linux-image-4.4.0-116-powerpc64-emb 4.4.0-116.140
linux-image-4.4.0-116-powerpc64-smp 4.4.0-116.140
linux-image-aws 4.4.0.1052.54
linux-image-generic 4.4.0.116.122
linux-image-generic-lpae 4.4.0.116.122
linux-image-kvm 4.4.0.1019.18
linux-image-lowlatency 4.4.0.116.122
linux-image-powerpc-e500mc 4.4.0.116.122
linux-image-powerpc-smp 4.4.0.116.122
linux-image-powerpc64-emb 4.4.0.116.122
linux-image-powerpc64-smp 4.4.0.116.122
linux-image-raspi2 4.4.0.1085.85
linux-image-snapdragon 4.4.0.1087.79

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3582-1
CVE-2015-8952, CVE-2017-12190, CVE-2017-15115, CVE-2017-17712,
CVE-2017-5715, CVE-2017-8824

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-116.140
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1052.61
https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1019.24
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1085.93
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1087.92

[USN-3581-2] Linux kernel (HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3581-2
February 22, 2018

linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oem: Linux kernel for OEM processors

Details:

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS.

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)

ChunYu Wang discovered that a use-after-free vulnerability existed
in the SCTP protocol implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-15115)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

USN-3541-2 mitigated CVE-2017-5715 (Spectre Variant 2) for the
amd64 architecture in Ubuntu 16.04 LTS. This update provides the
compiler-based retpoline kernel mitigation for the amd64 and i386
architectures. Original advisory details:

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory. (CVE-2017-5715)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.13.0-1011-azure 4.13.0-1011.14
linux-image-4.13.0-1011-gcp 4.13.0-1011.15
linux-image-4.13.0-1021-oem 4.13.0-1021.23
linux-image-4.13.0-36-generic 4.13.0-36.40~16.04.1
linux-image-4.13.0-36-generic-lpae 4.13.0-36.40~16.04.1
linux-image-4.13.0-36-lowlatency 4.13.0-36.40~16.04.1
linux-image-azure 4.13.0.1011.12
linux-image-gcp 4.13.0.1011.13
linux-image-generic-hwe-16.04 4.13.0.36.55
linux-image-generic-lpae-hwe-16.04 4.13.0.36.55
linux-image-gke 4.13.0.1011.13
linux-image-lowlatency-hwe-16.04 4.13.0.36.55
linux-image-oem 4.13.0.1021.25

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3581-2
https://usn.ubuntu.com/usn/usn-3581-1
CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/4.13.0-1011.14
https://launchpad.net/ubuntu/+source/linux-gcp/4.13.0-1011.15
https://launchpad.net/ubuntu/+source/linux-hwe/4.13.0-36.40~16.04.1
https://launchpad.net/ubuntu/+source/linux-oem/4.13.0-1021.23

[USN-3581-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3581-1
February 22, 2018

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the
Linux kernel contained a race condition leading to uninitialized pointer
usage. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2017-17712)

ChunYu Wang discovered that a use-after-free vulnerability existed
in the SCTP protocol implementation in the Linux kernel. A local
attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2017-15115)

Mohamed Ghannam discovered a use-after-free vulnerability in the DCCP
protocol implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-8824)

USN-3541-1 mitigated CVE-2017-5715 (Spectre Variant 2) for the
amd64 architecture in Ubuntu 17.10. This update provides the
compiler-based retpoline kernel mitigation for the amd64 and i386
architectures. Original advisory details:

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory. (CVE-2017-5715)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
linux-image-4.13.0-36-generic 4.13.0-36.40
linux-image-4.13.0-36-generic-lpae 4.13.0-36.40
linux-image-4.13.0-36-lowlatency 4.13.0-36.40
linux-image-generic 4.13.0.36.38
linux-image-generic-lpae 4.13.0.36.38
linux-image-lowlatency 4.13.0.36.38

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3581-1
CVE-2017-15115, CVE-2017-17712, CVE-2017-5715, CVE-2017-8824

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.13.0-36.40

[arch-announce] zita-resampler 1.6.0-1 -> 2 update requires manual intervention

The zita-resampler 1.6.0-1 package was missing a library symlink that has been readded in 1.6.0-2. If you installed 1.6.0-1, ldconfig would have created this symlink at install time, and it will conflict with the one included in 1.6.0-2. In that case, remove /usr/lib/libzita-resampler.so.1 manually before updating.

URL: https://www.archlinux.org/news/zita-resampler-160-1-2-update-requires-manual-intervention/
_______________________________________________
arch-announce mailing list
arch-announce@archlinux.org
https://lists.archlinux.org/listinfo/arch-announce

Wednesday, February 21, 2018

[USN-3580-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3580-1
February 22, 2018

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel

Details:

Jann Horn discovered that microprocessors utilizing speculative execution
and branch prediction may allow unauthorized memory reads via sidechannel
attacks. This flaw is known as Spectre. A local attacker could use this to
expose sensitive information, including kernel memory.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
linux-image-3.2.0-133-generic 3.2.0-133.179
linux-image-3.2.0-133-generic-pae 3.2.0-133.179
linux-image-generic 3.2.0.133.148
linux-image-generic-pae 3.2.0.133.148

Please note that fully mitigating CVE-2017-5715 (Spectre Variant 2)
requires corresponding processor microcode/firmware updates or,
in virtual environments, hypervisor updates. On i386 and amd64
architectures, the IBRS and IBPB features are required to enable the
kernel mitigations. Ubuntu is working with Intel and AMD to provide
future microcode updates that implement IBRS and IBPB as they are made
available. Ubuntu users with a processor from a different vendor should
contact the vendor to identify necessary firmware updates. Ubuntu
will provide corresponding QEMU updates in the future for users of
self-hosted virtual environments in coordination with upstream QEMU.
Ubuntu users in cloud environments should contact the cloud provider
to confirm that the hypervisor has been updated to expose the new
CPU features to virtual machines.

After a standard system update you need to reboot your computer to
apply the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3580-1
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
CVE-2017-5715, CVE-2017-5753

[USN-3579-1] LibreOffice vulnerability

==========================================================================
Ubuntu Security Notice USN-3579-1
February 21, 2018

libreoffice vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

LibreOffice would allow unintended access to files over the network.

Software Description:
- libreoffice: Office productivity suite

Details:

It was discovered that =WEBSERVICE calls in a document could be used to
read arbitrary files. If a user were tricked into opening a specially
crafted document, a remote attacker could exploit this to obtain sensitive
information. (CVE-2018-6871)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
libreoffice-core 1:5.4.5-0ubuntu0.17.10.1

Ubuntu 16.04 LTS:
libreoffice-core 1:5.1.6~rc2-0ubuntu1~xenial3

Ubuntu 14.04 LTS:
libreoffice-core 1:4.2.8-0ubuntu5.3

After a standard system update you need to restart LibreOffice to make
all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3579-1
CVE-2018-6871

Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/1:5.4.5-0ubuntu0.17.10.1
https://launchpad.net/ubuntu/+source/libreoffice/1:5.1.6~rc2-0ubuntu1~xenial3
https://launchpad.net/ubuntu/+source/libreoffice/1:4.2.8-0ubuntu5.3

Tuesday, February 20, 2018

Fedora 28 Mass Branching

Hi All,

Fedora 28 has now been branched, please be sure to do a git pull
--rebase to pick up the new branch, as an additional reminder
rawhide/f29 has been completely isolated from previous releases, so
this means that anything you do for f28 you also have to do in the
master branch and do a build there. There will be a Fedora 28 compose
ASAP and it'll appear
complete. Please be sure to check it out. Bodhi is currently not
active for Fedora 28, it will be enabled in a week's time when we hit
Beta change freeze point in the Fedora 28 schedule[1].

Mohan Boddu.

[USN-3577-1] CUPS vulnerability

==========================================================================
Ubuntu Security Notice USN-3577-1
February 21, 2018

cups vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

CUPS could be made to provide access to printers over the network.

Software Description:
- cups: Common UNIX Printing System(tm)

Details:

Jann Horn discovered that CUPS permitted HTTP requests with the Host
header set to "localhost.localdomain" from the loopback interface. If a
user were tricked into opening a specially crafted website in their web
browser, an attacker could potentially exploit this to obtain sensitive
information or control printers, via a DNS rebinding attack.
(CVE-2017-18190)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
cups 2.1.3-4ubuntu0.4

Ubuntu 14.04 LTS:
cups 1.7.2-0ubuntu1.9

In general, a standard system update will make all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3577-1
CVE-2017-18190

Package Information:
https://launchpad.net/ubuntu/+source/cups/2.1.3-4ubuntu0.4
https://launchpad.net/ubuntu/+source/cups/1.7.2-0ubuntu1.9
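The CUPS advisory above concerns which Host header values a service accepts on requests arriving over the loopback interface. The following added example (not CUPS code and not part of the advisory) shows a Host header check for a loopback-only service, comparing an allowlist that still contains "localhost.localdomain" with a stricter one; the function names and both allowlists are assumptions of this example, and the header values are constructed.

```python
"""Host header validation for a service that should only answer as localhost."""
import ipaddress

# Behaviour described in the advisory: the extra name is accepted.
PERMISSIVE_NAMES = {"localhost", "localhost.localdomain"}
# Stricter list assumed by this example, not taken from the CUPS source.
STRICT_NAMES = {"localhost"}


def normalise_host(header_value):
    """Return the host part of a Host header, lower-cased, without the port
    or a trailing dot. Return None if the value is malformed."""
    value = header_value.strip().lower()
    if not value:
        return None
    if value.startswith("["):                 # IPv6 literal, e.g. [::1]:631
        end = value.find("]")
        if end == -1:
            return None
        host, rest = value[1:end], value[end + 1:]
    else:
        host, sep, port = value.partition(":")
        rest = sep + port
    # Anything after the host must be exactly ":<digits>".
    if rest and not (rest.startswith(":") and rest[1:].isdigit()):
        return None
    return host.rstrip(".") or None


def loopback_request_allowed(host_header, allowed_names):
    """Decide whether a request received on the loopback interface may be
    served, based only on its Host header."""
    host = normalise_host(host_header)
    if host is None:
        return False
    try:
        # A literal address is fine only if it is itself a loopback address.
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        pass
    # A name must match the allowlist exactly; suffix matches are not enough.
    return host in allowed_names


if __name__ == "__main__":
    # Constructed Host header values.
    for header in ("localhost:631", "localhost.localdomain:631",
                   "[::1]:631", "printer.rebind.example:631"):
        print(header,
              loopback_request_allowed(header, PERMISSIVE_NAMES),
              loopback_request_allowed(header, STRICT_NAMES))
```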

[USN-3576-1] libvirt vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3576-1
February 20, 2018

libvirt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in libvirt.

Software Description:
- libvirt: Libvirt virtualization toolkit

Details:

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt
incorrectly disabled password authentication when the VNC password was set
to an empty string. A remote attacker could possibly use this issue to
bypass authentication, contrary to expectations. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5008)

Daniel P. Berrange discovered that libvirt incorrectly handled validating
SSL/TLS certificates. A remote attacker could possibly use this issue to
obtain sensitive information. This issue only affected Ubuntu 17.10.
(CVE-2017-1000256)

Daniel P. Berrange and Peter Krempa discovered that libvirt incorrectly
handled large QEMU replies. An attacker could possibly use this issue to
cause libvirt to crash, resulting in a denial of service. (CVE-2018-5748)

Pedro Sampaio discovered that libvirt incorrectly handled the libnss_dns.so
module. An attacker in a libvirt_lxc session could possibly use this issue
to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 17.10. (CVE-2018-6764)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
libvirt-bin 3.6.0-1ubuntu6.3
libvirt0 3.6.0-1ubuntu6.3

Ubuntu 16.04 LTS:
libvirt-bin 1.3.1-1ubuntu10.19
libvirt0 1.3.1-1ubuntu10.19

Ubuntu 14.04 LTS:
libvirt-bin 1.2.2-0ubuntu13.1.26
libvirt0 1.2.2-0ubuntu13.1.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3576-1
CVE-2016-5008, CVE-2017-1000256, CVE-2018-5748, CVE-2018-6764

Package Information:
https://launchpad.net/ubuntu/+source/libvirt/3.6.0-1ubuntu6.3
https://launchpad.net/ubuntu/+source/libvirt/1.3.1-1ubuntu10.19
https://launchpad.net/ubuntu/+source/libvirt/1.2.2-0ubuntu13.1.26

[USN-3575-1] QEMU vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3575-1
February 20, 2018

qemu vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in QEMU.

Software Description:
- qemu: Machine emulator and virtualizer

Details:

It was discovered that QEMU incorrectly handled guest ram. A privileged
attacker inside the guest could use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 16.04 LTS. (CVE-2017-11334)

David Buchanan discovered that QEMU incorrectly handled the VGA device. A
privileged attacker inside the guest could use this issue to cause QEMU to
crash, resulting in a denial of service. This issue was only addressed in
Ubuntu 17.10. (CVE-2017-13672)

Thomas Garnier discovered that QEMU incorrectly handled multiboot. An
attacker could use this issue to cause QEMU to crash, resulting in a denial
of service, or possibly execute arbitrary code on the host. In the default
installation, when QEMU is used with libvirt, attackers would be isolated
by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS
and Ubuntu 16.04 LTS. (CVE-2017-14167)

Tuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory
sharing. An attacker could use this issue to obtain sensitive information
from host memory. (CVE-2017-15038)

Eric Blake discovered that QEMU incorrectly handled memory in the
NBD server. An attacker could use this issue to cause the NBD server to
crash, resulting in a denial of service. This issue only affected Ubuntu
17.10. (CVE-2017-15118)

Eric Blake discovered that QEMU incorrectly handled certain options to the
NBD server. An attacker could use this issue to cause the NBD server to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119)

Daniel Berrange discovered that QEMU incorrectly handled the VNC server. A
remote attacker could possibly use this issue to consume memory, resulting
in a denial of service. This issue was only addressed in Ubuntu 17.10.
(CVE-2017-15124)

Carl Brassey discovered that QEMU incorrectly handled certain websockets. A
remote attacker could possibly use this issue to consume memory, resulting
in a denial of service. This issue only affected Ubuntu 17.10.
(CVE-2017-15268)

Guoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA
device. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2017-15289)

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values
during migration. An attacker could possibly use this issue to cause QEMU
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10.
(CVE-2017-16845)

It was discovered that QEMU incorrectly handled the Virtio Vring
implementation. An attacker could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 17.10. (CVE-2017-17381)

Eric Blake discovered that QEMU incorrectly handled certain rounding
operations. An attacker could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-18043)

Jiang Xin and Lin ZheCheng discovered that QEMU incorrectly handled the
VGA device. A privileged attacker inside the guest could use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2018-5683)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
qemu-system 1:2.10+dfsg-0ubuntu3.5
qemu-system-aarch64 1:2.10+dfsg-0ubuntu3.5
qemu-system-arm 1:2.10+dfsg-0ubuntu3.5
qemu-system-mips 1:2.10+dfsg-0ubuntu3.5
qemu-system-misc 1:2.10+dfsg-0ubuntu3.5
qemu-system-ppc 1:2.10+dfsg-0ubuntu3.5
qemu-system-s390x 1:2.10+dfsg-0ubuntu3.5
qemu-system-sparc 1:2.10+dfsg-0ubuntu3.5
qemu-system-x86 1:2.10+dfsg-0ubuntu3.5

Ubuntu 16.04 LTS:
qemu-system 1:2.5+dfsg-5ubuntu10.22
qemu-system-aarch64 1:2.5+dfsg-5ubuntu10.22
qemu-system-arm 1:2.5+dfsg-5ubuntu10.22
qemu-system-mips 1:2.5+dfsg-5ubuntu10.22
qemu-system-misc 1:2.5+dfsg-5ubuntu10.22
qemu-system-ppc 1:2.5+dfsg-5ubuntu10.22
qemu-system-s390x 1:2.5+dfsg-5ubuntu10.22
qemu-system-sparc 1:2.5+dfsg-5ubuntu10.22
qemu-system-x86 1:2.5+dfsg-5ubuntu10.22

Ubuntu 14.04 LTS:
qemu-system 2.0.0+dfsg-2ubuntu1.39
qemu-system-aarch64 2.0.0+dfsg-2ubuntu1.39
qemu-system-arm 2.0.0+dfsg-2ubuntu1.39
qemu-system-mips 2.0.0+dfsg-2ubuntu1.39
qemu-system-misc 2.0.0+dfsg-2ubuntu1.39
qemu-system-ppc 2.0.0+dfsg-2ubuntu1.39
qemu-system-sparc 2.0.0+dfsg-2ubuntu1.39
qemu-system-x86 2.0.0+dfsg-2ubuntu1.39

After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.

References:
https://www.ubuntu.com/usn/usn-3575-1
CVE-2017-11334, CVE-2017-13672, CVE-2017-14167, CVE-2017-15038,
CVE-2017-15118, CVE-2017-15119, CVE-2017-15124, CVE-2017-15268,
CVE-2017-15289, CVE-2017-16845, CVE-2017-17381, CVE-2017-18043,
CVE-2018-5683

Package Information:
https://launchpad.net/ubuntu/+source/qemu/1:2.10+dfsg-0ubuntu3.5
https://launchpad.net/ubuntu/+source/qemu/1:2.5+dfsg-5ubuntu10.22
https://launchpad.net/ubuntu/+source/qemu/2.0.0+dfsg-2ubuntu1.39

Fedora 28 Change Checkpoint: Completion deadline (testable)

Greetings!

Today, on 2018-Feb-20, we have reached Fedora 28 Change
Checkpoint: Completion deadline (testable) [1].

At this point, all accepted changes [2] should be substantially
complete, and testable. Additionally, if a change is to be enabled by
default, it must be enabled at Change Completion deadline as well.

Change tracking bug should be set to the MODIFIED state to indicate it
achieved completeness.

Incomplete and non-testable Changes [3] will be reported to FESCo at the
2018-Feb-23 meeting. The contingency plan for System Wide Changes will be
activated in case of serious doubts regarding Change completion.

[1] https://fedoraproject.org/wiki/Releases/28/Schedule
[2] https://fedoraproject.org/wiki/Releases/28/ChangeSet
[3] http://red.ht/2BEyQt0
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org

[HEADS UP] No more gnupg2 in buildroot

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own subpackage
rpm-sign-libs.

This resulted in 8 packages disappearing from buildroot¹².

This should not be a problem, but still useful to know.

https://src.fedoraproject.org/rpms/rpm/c/99d6687a36647cb307b789d19921a34154e9c671

¹ gnupg2, gnutls, ima-evm-utils, libassuan, libksba, libusbx, nettle, npth
² 171 → 163 packages
--
-Igor Gnatenko

Monday, February 19, 2018

[USN-3574-1] Bind vulnerability

==========================================================================
Ubuntu Security Notice USN-3574-1
February 19, 2018

bind9 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Bind could be made to crash if it received specially crafted network
traffic.

Software Description:
- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled DNSSEC validation. An
attacker could possibly use this to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  bind9                           1:9.8.1.dfsg.P1-4ubuntu0.25

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3574-1
  CVE-2018-5735

[CentOS-announce] [Infra] - planned outage : bugs.centos.org (Bug Tracker)

This notification is to let you know that we'll migrate our
https://bugs.centos.org bug tracker service to a different node, and
also update it to a new version of MantisBT (version 2.x).

This migration will give us more possibilities, including soon trying to
get SSO working even on our bug tracker (that part still needs to be done
though).

Migration is scheduled for "Tuesday February 20th, 8:00 am UTC time".
You can convert to local time with $(date -d '2018-2-20 8:00 UTC')

The expected "downtime" is estimated at ~10 minutes, the time needed to
update/propagate updated DNS A/AAAA records + last MySQL dump/restore on the
new node.

Thanks for your understanding and patience.

on behalf of the Infra team,
--
Fabian Arrotin
The CentOS Project | https://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab

Sunday, February 18, 2018

[ACTION NEEDED] Missing BuildRequires: gcc/gcc-c++

Over this weekend I've performed scratch-mass-rebuild without having gcc and
gcc-c++ in buildroot of all Fedora packages, many of which failed due to random
reasons and I grepped all logs for some common errors found by analyzing
hundreds of build logs.

Guidelines: https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requies

The grep output is located here:
https://ignatenkobrain.fedorapeople.org/gcc-removal.txt

Some packages might be missed due to short koji outage, broken dependencies and
so on, but majority of real failures is below.

If you fixed package(s), found false positive, found missing packages in list
or anything else -- please let me know.

Note for packages which use the CMake build system: when you have project(xxx)
in CMakeLists.txt, it checks for both C and CXX compilers. So you might
encounter packages where you have BuildRequires: gcc and it fails on the CXX
compiler (even if you think you don't need it). The solution for this is to
send a patch upstream switching to something like project(xxx C), or, if the
problem is the opposite, to project(xxx CXX).

List of packages and respective maintainers:
https://ignatenkobrain.fedorapeople.org/gcc-removal-pkgs.txt

--
-Igor Gnatenko

Saturday, February 17, 2018

F29 Self Contained Change: FedoraScientific VagrantBox

= Proposed Self Contained Change: FedoraScientific VagrantBox =
https://fedoraproject.org/wiki/Changes/FedoraScientific_VagrantBox


Owner(s):
* Amit Saha <amitsaha dot in at gmail dot com>


Fedora Scientific is currently delivered as ISOs. Shipping vagrant
boxes will give potential users a friendlier option to try out Fedora
Scientific while keeping their current operating system.



== Detailed description ==
Vagrant boxes for Fedora Scientific will allow users to easily run
Fedora Scientific in a virtual machine. This can be useful for users
who are using another operating system as their host operating system
and not have to manually download the ISO, and go through the
installation process which can be unfamiliar or unnecessary hassle for
users who may be new to Fedora or Linux.


== Scope ==
* Proposal owners:
This will require creating pungi configuration as well as new
kickstarts to be able to build the vagrant boxes for Fedora
Scientific.

* Other developers:
N/A (not a System Wide Change)

* Release engineering:
https://pagure.io/releng/issue/7324

** List of deliverables:
N/A (not a System Wide Change)

* Policies and guidelines:
N/A (not a System Wide Change)

* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic

Friday, February 16, 2018

[lfs-announce] LFS-8.1-rc2 is released

The Linux From Scratch community announces the release of LFS Version
8.2-rc1. It is a preliminary release of LFS-8.2.

Major changes include toolchain updates to glibc-2.27, binutils-2.30, and
gcc-7.0.0. In total, 34 packages were updated since the last release.
In addition, five new packages have been moved to the base LFS book from
BLFS: libffi, openssl, Python3, ninja, and meson. Changes to the text have
also been made throughout the book. The Linux kernel has also been updated
to version 4.15.3.

We encourage all users to read through this release of the book and test
the instructions so that we can make the final release as good as possible.

You can read the book online [0], or download [1] to read locally.

In coordination with this release, a new version of LFS using the systemd
package is also being released. This package implements the newer systemd
style of system initialization and control and is consistent with LFS in
most packages.

You can read the systemd version of the book online [2], or download [3]
to read locally.

-- Bruce

[0] http://www.linuxfromscratch.org/lfs/view/8.2-rc1/
[1] http://www.linuxfromscratch.org/lfs/downloads/8.2-rc1/
[2] http://www.linuxfromscratch.org/lfs/view/8.2-systemd-rc1/
[3] http://www.linuxfromscratch.org/lfs/downloads/8.2-systemd-rc1/
--
http://lists.linuxfromscratch.org/listinfo/lfs-announce
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Orphaned Packages looking for a new point of contact

Greetings.

There's some packages that have been orphaned by FESCo and are seeking a
new point of contact to stay in the collection.

If you are interested in becoming the point of contact for these, please
note it in the appropriate ticket below for quickest processing.
(no need to reopen the ticket, just add your fas name and what packages
you want to take)

https://pagure.io/fesco/issue/1839

rpms/clamz
rpms/inkboy-fonts

Thanks,

kevin