Wednesday, November 30, 2022

[USN-5753-1] snapd vulnerability

==========================================================================
Ubuntu Security Notice USN-5753-1
December 01, 2022

snapd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

snapd could be made to run programs as an administrator.

Software Description:
- snapd: Daemon and tooling that enable snap packages

Details:

The Qualys Research Team discovered that a race condition existed in the
snapd snap-confine binary when preparing the private /tmp mount for a
snap. A local attacker could possibly use this issue to escalate privileges
and execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
snapd 2.57.5+22.10ubuntu0.1

Ubuntu 22.04 LTS:
snapd 2.57.5+22.04ubuntu0.1

Ubuntu 20.04 LTS:
snapd 2.57.5+20.04ubuntu0.1

Ubuntu 18.04 LTS:
snapd 2.57.5+18.04ubuntu0.1

Ubuntu 16.04 ESM:
snapd 2.54.3+16.04.0ubuntu0.1~esm5

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5753-1
CVE-2022-3328

Package Information:
https://launchpad.net/ubuntu/+source/snapd/2.57.5+22.10ubuntu0.1
https://launchpad.net/ubuntu/+source/snapd/2.57.5+22.04ubuntu0.1
https://launchpad.net/ubuntu/+source/snapd/2.57.5+20.04ubuntu0.1
https://launchpad.net/ubuntu/+source/snapd/2.57.5+18.04ubuntu0.1

[CentOS-announce] CESA-2022:8640 Important CentOS 7 krb5 Security Update

CentOS Errata and Security Advisory 2022:8640 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8640

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
fbc2fabe0f2dd520e1af93518f0669fbb0c91b469d7508a7402404cbbea73b6d krb5-devel-1.15.1-55.el7_9.i686.rpm
b3cdcec7059a05b036622e2b2326259602d28b19672e0fe8766f1b0c59537bc9 krb5-devel-1.15.1-55.el7_9.x86_64.rpm
f7291bdf6020187d7cf5369c95f16faeef861f866ffc8c46c03116ea2adf9092 krb5-libs-1.15.1-55.el7_9.i686.rpm
0b514834510f57ab09a2051d0b0c2be8a61777452ad125d1b3e5e90abeb6fa22 krb5-libs-1.15.1-55.el7_9.x86_64.rpm
b64165d72cf869748c81b8e41581c93b8354747c22d548ae910ab54e118a90a5 krb5-pkinit-1.15.1-55.el7_9.x86_64.rpm
2da57e3f11f7feb8e50c18578d16794bb2a9a020b5c7c2a5ed12d4c49a0e597d krb5-server-1.15.1-55.el7_9.x86_64.rpm
9f8bb077bbb9a1599bd7dfb6b7973517ca6a23674134edc3822c31d459a0fcf0 krb5-server-ldap-1.15.1-55.el7_9.x86_64.rpm
caf7f0adf042b63657e0610f87dbb3aa3334f9a81292aa836ddc648117954f9d krb5-workstation-1.15.1-55.el7_9.x86_64.rpm
8f22a24548ec519571fd7dcc4779339bb29955be70e289533d286d4069cdfe23 libkadm5-1.15.1-55.el7_9.i686.rpm
ec1b22bbbd65cf0d8ac4abc748b4d4e1721149c816440d123ce3d707e25059a8 libkadm5-1.15.1-55.el7_9.x86_64.rpm

Source:
d154824d46dff5aece0cdb8e4c9df299058bacadbaf7fb16be8d9163ca2814bb krb5-1.15.1-55.el7_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2022:8560 Important CentOS 7 hsqldb Security Update

CentOS Errata and Security Advisory 2022:8560 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8560

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
bc29e9309d0d6c8bcbf454c1d73fd5eda133e3cd0a96c01283bd3c2830a03310 hsqldb-1.8.1.3-15.el7_9.noarch.rpm
c1f39d4de68160899478e6a3a13d87ca0cbb510af261d0319a2c3f3690cf263f hsqldb-demo-1.8.1.3-15.el7_9.noarch.rpm
95e6995373810d5b756222856d1b5d2f7d82bcb15022cc12282cbc282404516f hsqldb-javadoc-1.8.1.3-15.el7_9.noarch.rpm
4cf62f2fe312ff9b70310eeb760aecc8141285cba4ffec167b47f1cd26cb8fec hsqldb-manual-1.8.1.3-15.el7_9.noarch.rpm

Source:
e9e1f6abd25e4282b633cf4fef50d4555be4a9c250a03382cb2ad6c3ab53a648 hsqldb-1.8.1.3-15.el7_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[CentOS-announce] CEBA-2022:7404 CentOS 7 tzdata BugFix Update

CentOS Errata and Bugfix Advisory 2022:7404

Upstream details at : https://access.redhat.com/errata/RHBA-2022:7404

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
82eb45d206c4798cbb97d743814081a5b2e5621151b5d0be9cb94ebcdb32447a tzdata-2022f-1.el7.noarch.rpm
7f22cccc77b46b6d72fc3cd7f68664be248f5c21b739751c0122fc7846687306 tzdata-java-2022f-1.el7.noarch.rpm

Source:
40caa9b6d7fc2b537001059dc65793c55cb01a879bf1a1e89b64999c9391168d tzdata-2022f-1.el7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2022:8491 Important CentOS 7 xorg-x11-server Security Update

CentOS Errata and Security Advisory 2022:8491 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8491

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
d009248700d9e5dfb31d429a3fc4511bf6d988ab6276af506e8279a020138c9b xorg-x11-server-common-1.20.4-19.el7_9.x86_64.rpm
1deb2c2c595359a6d9ce1c3cbf28785cb264b03e34a46f8a05bb2c2922937dc0 xorg-x11-server-devel-1.20.4-19.el7_9.i686.rpm
5264ebb9f634f3266ba74ef377d0db45c52877826efb225687b1430a60c824fb xorg-x11-server-devel-1.20.4-19.el7_9.x86_64.rpm
1e92ab11dbfdb95e9151c5fc2f4ef713c7bea0d91690886bf35bb75cd70c9870 xorg-x11-server-source-1.20.4-19.el7_9.noarch.rpm
e2e263c938ce2c5090d810688c04ec6cd001741c076f39d1466a32d13305f123 xorg-x11-server-Xdmx-1.20.4-19.el7_9.x86_64.rpm
4ba6b6ddecf71dc7d8295a3fb4185fa2934f07e58716d8466b73a50137c58a53 xorg-x11-server-Xephyr-1.20.4-19.el7_9.x86_64.rpm
27db2217dfdcab84a095b8363c3aaf36fd751a336577cc3de811d0a747c37feb xorg-x11-server-Xnest-1.20.4-19.el7_9.x86_64.rpm
7961a17846adb9bd4b8dc39c94b3cbe82106b9f14b61013a3b4896b7335f2e1e xorg-x11-server-Xorg-1.20.4-19.el7_9.x86_64.rpm
c2cdc7a6e9930a49880578ed60314a159c97e36dd96908f892d53e315b1c0895 xorg-x11-server-Xvfb-1.20.4-19.el7_9.x86_64.rpm
0579155d9d1a4a339ec6d119e12c2ecc135abd36aef7ba674704d62d18e6e6cc xorg-x11-server-Xwayland-1.20.4-19.el7_9.x86_64.rpm

Source:
b056017c11e5a2efc1de35603d9a390faf0d21e770bf4ff809aa86716a1c019b xorg-x11-server-1.20.4-19.el7_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2022:7186 Important CentOS 7 device-mapper-multipath Security Update

CentOS Errata and Security Advisory 2022:7186 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:7186

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
1594da41bb4b69a611ac9e605dec625b69dd2f867a53943a544a8babfb76594c device-mapper-multipath-0.4.9-136.el7_9.x86_64.rpm
8bf0a6fa452bb777d2800beaf0ba2e84f3dd1b17964e1b1bb26b099bcd5ba413 device-mapper-multipath-devel-0.4.9-136.el7_9.i686.rpm
1333d18f0d5f36acf0badba03a7250ddf92df7f789f4674ece2dfcfcd925f3b3 device-mapper-multipath-devel-0.4.9-136.el7_9.x86_64.rpm
393b6f38ca21b31f198eb40d2fbdecb79a43ca0306ac436c4ebcc4fc8a15043a device-mapper-multipath-libs-0.4.9-136.el7_9.i686.rpm
c1769c3e3380140052696701ca6809cb191ea6c245caf1c658a1b8bc580f13ba device-mapper-multipath-libs-0.4.9-136.el7_9.x86_64.rpm
fce2a6c0ec49c42d5100944108bbb85b8a3e2685de9b583b1b4627e6f66b330e device-mapper-multipath-sysvinit-0.4.9-136.el7_9.x86_64.rpm
14290884418bd83ad4955aa6354b2113950b766239244a06bee2f2a364ba608f kpartx-0.4.9-136.el7_9.x86_64.rpm
c846a72195e654b76f0ca3467ec6a0e034d1907a307e6d797b1e4238ab8e1949 libdmmp-0.4.9-136.el7_9.i686.rpm
cebe503265c9efa9afa036f10cf99ab4d5eeabe4c13950dc76ba50fc4304f4fc libdmmp-0.4.9-136.el7_9.x86_64.rpm
6337008a1e944b28b17317dcde8003b1ccb848dc5a09a17a27903c4e32e60846 libdmmp-devel-0.4.9-136.el7_9.i686.rpm
5c0bed31f5ed7d1cccaeb6276746900d9f0fe837b806759153ea696c3b33b423 libdmmp-devel-0.4.9-136.el7_9.x86_64.rpm

Source:
5a81e021a71070d03783f769bafa52f82f895ee6b5e9af1da9ce10a0ab6c799e device-mapper-multipath-0.4.9-136.el7_9.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2022:8555 Important CentOS 7 thunderbird Security Update

CentOS Errata and Security Advisory 2022:8555 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8555

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
24039275da54c6bead07277fc20529befb42b1c310557cb1598abc0ae73b37f4 thunderbird-102.5.0-2.el7.centos.x86_64.rpm

Source:
1aedfde4e44d623536ac52d22c3c6e319124ad8a10d3ef25f0cd0d3196fac74d thunderbird-102.5.0-2.el7.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2022:8552 Important CentOS 7 firefox Security Update

CentOS Errata and Security Advisory 2022:8552 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2022:8552

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
3fb0b77a99715fb931ff65f91089240046d339752c82495a1069470792e26818 firefox-102.5.0-1.el7.centos.i686.rpm
ce4f5cfaaa8ee847baeaa1449c9bda07462f87ac1b32027dc3d2b1086d417890 firefox-102.5.0-1.el7.centos.x86_64.rpm

Source:
b1b9c21c926069a2af96b13d26e4a65b297ac01d7e243380e1759c238a7b9591 firefox-102.5.0-1.el7.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@libera.chat
Twitter: @JohnnyCentOS


[USN-5752-1] Linux kernel (Azure CVM) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5752-1
November 30, 2022

linux-azure-fde vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems

Details:

David Bouman and Billy Jheng Bing Jhong discovered that a race condition
existed in the io_uring subsystem in the Linux kernel, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2022-2602)

Sönke Huster discovered that an integer overflow vulnerability existed in
the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-41674)

Sönke Huster discovered that a use-after-free vulnerability existed in the
WiFi driver stack in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-42719)

Sönke Huster discovered that the WiFi driver stack in the Linux kernel did
not properly perform reference counting in some situations, leading to a
use-after-free vulnerability. A physically proximate attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-42720)

Sönke Huster discovered that the WiFi driver stack in the Linux kernel did
not properly handle BSSID/SSID lists in some situations. A physically
proximate attacker could use this to cause a denial of service (infinite
loop). (CVE-2022-42721)

Sönke Huster discovered that the WiFi driver stack in the Linux kernel
contained a NULL pointer dereference vulnerability in certain situations. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2022-42722)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
linux-image-5.15.0-1024-azure-fde 5.15.0-1024.30.1
linux-image-azure-fde 5.15.0.1024.30.5

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-5752-1
CVE-2022-2602, CVE-2022-41674, CVE-2022-42719, CVE-2022-42720,
CVE-2022-42721, CVE-2022-42722

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1024.30.1

[USN-5718-2] pixman vulnerability

==========================================================================
Ubuntu Security Notice USN-5718-2
November 30, 2022

pixman vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

pixman could be made to crash or run programs if it processed specially
crafted input.

Software Description:
- pixman: pixel-manipulation library for X and cairo

Details:

USN-5718-1 fixed a vulnerability in pixman. This update provides the
corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

 Maddie Stone discovered that pixman incorrectly handled certain memory
 operations. A remote attacker could use this issue to cause pixman to
 crash, resulting in a denial of service, or possibly execute arbitrary
 code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  libpixman-1-0                   0.33.6-1ubuntu0.1~esm1
  libpixman-1-dev                 0.33.6-1ubuntu0.1~esm1

Ubuntu 14.04 ESM:
  libpixman-1-0                   0.30.2-2ubuntu1.2+esm1
  libpixman-1-dev                 0.30.2-2ubuntu1.2+esm1

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5718-2
  https://ubuntu.com/security/notices/USN-5718-1
  CVE-2022-44638

Advance notice of discontinuation of openSUSE Leap 15.3

Hi,

SUSE Linux Enterprise Server 15 SP3 leaves its regular maintenance and
support phase on December 31st 2022.

As openSUSE Leap 15.3 uses the SLES 15 SP3 updates, also openSUSE Leap
15.3 support from openSUSE Maintenance and Security will end on December 31st 2022.

An upgrade to openSUSE Leap 15.4 is recommended.

Ciao, Marcus

[USN-5750-1] GnuTLS vulnerability

==========================================================================
Ubuntu Security Notice USN-5750-1
November 30, 2022

gnutls28 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

GnuTLS could be made to crash if it received specially crafted network
traffic from an authenticated client.

Software Description:
- gnutls28: GNU TLS library

Details:

It was discovered that GnuTLS incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause GnuTLS
to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libgnutls30 3.4.10-4ubuntu1.9+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5750-1
CVE-2021-4209

Tuesday, November 29, 2022

FreeBSD Security Advisory FreeBSD-SA-22:14.heimdal [REVISED]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-22:14.heimdal Security Advisory
The FreeBSD Project

Topic: Multiple vulnerabilities in Heimdal [REVISED]

Category: contrib
Module: heimdal
Announced: 2022-11-15
Revised: 2022-11-29
Affects: All supported versions of FreeBSD.
Corrected: 2022-11-15 21:15:35 UTC (stable/13, 13.1-STABLE)
           2022-11-16 01:50:27 UTC (releng/13.1, 13.1-RELEASE-p4)
           2022-11-15 21:16:56 UTC (stable/12, 12.4-STABLE)
           2022-11-16 01:47:57 UTC (releng/12.4, 12.4-RC2-p1)
           2022-11-16 01:40:21 UTC (releng/12.3, 12.3-RELEASE-p9)
CVE Name: CVE-2019-14870, CVE-2022-3437, CVE-2022-42898,
          CVE-2022-44640, CVE-2021-44758

0. Revision history

v1.0 2022-11-15 Initial release.
v1.1 2022-11-29 Updated with reference to FreeBSD-EN-22:28.heimdal.

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

Heimdal implements the Kerberos 5 network authentication protocols.

A Key Distribution Center (KDC) is trusted by all principals registered
in that administrative "realm" to store a secret key in confidence, of
which, the proof of knowledge is used to verify the authenticity of a
principal.

II. Problem Description

Multiple security vulnerabilities have been discovered in the Heimdal
implementation of the Kerberos 5 network authentication protocols and KDC.

- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
- CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
- CVE-2019-14870 Validate client attributes in protocol-transition
- CVE-2019-14870 Apply forwardable policy in protocol-transition
- CVE-2019-14870 Always lookup impersonate client in DB

III. Impact

A malicious actor with control of the network between a client and a service
using Kerberos for authentication can impersonate either the client or the
service, enabling a man-in-the-middle (MITM) attack circumventing mutual
authentication.

Note that, while CVE-2022-44640 is a severe vulnerability, possibly enabling
remote code execution on other platforms, the version of Heimdal included with
the FreeBSD base system cannot be exploited in this way on FreeBSD.

IV. Workaround

No workaround is available, but only systems using Kerberos are affected.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

A reboot is recommended.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

A reboot is recommended.

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch
# fetch https://security.FreeBSD.org/patches/SA-22:14/heimdal.patch.asc
# gpg --verify heimdal.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) The original revision of this advisory included a patch which renders the
KDC inoperative. This was corrected in FreeBSD-EN-22:28.heimdal. Systems
using the KDC must download and verify an additional patch:

# fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch
# fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch.asc
# gpg --verify heimdal.patch.asc

d) Apply the additional patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

e) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

Restart all daemons that use Kerberos, or reboot the system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path       Hash            Revision
-------------------------------------------------------------------------
stable/13/        d0b6550173d2    stable/13-n253097
releng/13.1/      a1e014e89282    releng/13.1-n250170
stable/12/                        r372752
releng/12.4/                      r372755
releng/12.3/                      r372753
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://github.com/heimdal/heimdal/releases/tag/heimdal-7.8.0>

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14870>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44758>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3437>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42898>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44640>

<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267827>
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:28.heimdal.asc>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:14.heimdal.asc>
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

FreeBSD Errata Notice FreeBSD-EN-22:28.heimdal

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-22:28.heimdal Errata Notice
The FreeBSD Project

Topic: Regression in Heimdal KDC

Category: contrib
Module: heimdal
Announced: 2022-11-29
Affects: All supported versions of FreeBSD.
Corrected: 2022-11-18 01:09:42 UTC (stable/13, 13.1-STABLE)
           2022-11-29 23:04:48 UTC (releng/13.1, 13.1-RELEASE-p5)
           2022-11-18 01:10:53 UTC (stable/12, 12.4-STABLE)
           2022-11-29 23:19:12 UTC (releng/12.4, 12.4-RC2-p2)
           2022-11-29 23:16:21 UTC (releng/12.3, 12.3-RELEASE-p10)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:https://security.FreeBSD.org/>.

I. Background

Heimdal implements the Kerberos 5 network authentication protocols.

A Key Distribution Center (KDC) is trusted by all principals registered
in that administrative "realm" to store a secret key in confidence, of
which, the proof of knowledge is used to verify the authenticity of a
principal.

FreeBSD-SA-22:14.heimdal corrected multiple vulnerabilities in the Heimdal
implementation of the Kerberos 5 network authentication protocols and KDC
included as part of the FreeBSD base system.

II. Problem Description

The patch released with FreeBSD-SA-22:14.heimdal included an inadvertently
merged block of code which prevents the KDC from issuing valid tickets.

III. Impact

A system patched with FreeBSD-SA-22:14.heimdal will have a defective KDC.

IV. Workaround

No workaround is available. Systems that were not updated with the patch from
FreeBSD-SA-22:14.heimdal are not affected. Note that unpatched systems are
vulnerable to multiple security issues.

V. Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

A reboot is recommended.

Perform one of the following:

1) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

A reboot is recommended.

2) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch
# fetch https://security.FreeBSD.org/patches/EN-22:28/heimdal.patch.asc
# gpg --verify heimdal.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

Restart all daemons that use Kerberos, or reboot the system.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path       Hash            Revision
-------------------------------------------------------------------------
stable/13/        b23fe6badeba    stable/13-n253102
releng/13.1/      10571c04c9dd    releng/13.1-n250173
stable/12/                        r372759
releng/12.4/                      r372779
releng/12.3/                      r372776
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:14.heimdal.asc>
<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267827>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-22:28.heimdal.asc>
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

FreeBSD Security Advisory FreeBSD-SA-22:15.ping

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-22:15.ping Security Advisory
The FreeBSD Project

Topic: Stack overflow in ping(8)

Category: core
Module: ping
Announced: 2022-11-29
Credits: Tom Jones
Affects: All supported versions of FreeBSD.
Corrected: 2022-11-29 22:56:33 UTC (stable/13, 13.1-STABLE)
           2022-11-29 23:00:43 UTC (releng/13.1, 13.1-RELEASE-p5)
           2022-11-29 22:57:16 UTC (stable/12, 12.4-STABLE)
           2022-11-29 23:19:09 UTC (releng/12.4, 12.4-RC2-p2)
           2022-11-29 23:16:17 UTC (releng/12.3, 12.3-RELEASE-p10)
CVE Name: CVE-2022-23093

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.

I. Background

ping(8) is a program that can be used to test reachability of a remote
host using ICMP messages. To send and receive ICMP messages, ping makes
use of raw sockets and therefore requires elevated privileges. To make
ping's functionality available to unprivileged users, it is installed
with the setuid bit set. When ping runs, it creates the raw socket
needed to do its work, and then revokes its elevated privileges.

II. Problem Description

ping reads raw IP packets from the network to process responses in the
pr_pack() function. As part of processing a response ping has to
reconstruct the IP header, the ICMP header and if present a "quoted
packet," which represents the packet that generated an ICMP error. The
quoted packet again has an IP header and an ICMP header.

The pr_pack() function copies received IP and ICMP headers into stack buffers
for further processing. In so doing, it fails to take into account the
possible presence of IP option headers following the IP header in
either the response or the quoted packet. When IP options are present,
pr_pack() overflows the destination buffer by up to 40 bytes.

III. Impact

The memory safety bugs described above can be triggered by a remote
host, causing the ping program to crash. It may be possible for a
malicious host to trigger remote code execution in ping.

The ping process runs in a capability mode sandbox on all affected
versions of FreeBSD and is thus very constrained in how it can interact
with the rest of the system at the point where the bug can occur.

IV. Workaround

No workaround is available.

V. Solution

Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Perform one of the following:

1) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the amd64, i386, or
(on FreeBSD 13 and later) arm64 platforms can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch https://security.FreeBSD.org/patches/SA-22:15/ping.patch
# fetch https://security.FreeBSD.org/patches/SA-22:15/ping.patch.asc
# gpg --verify ping.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.

VI. Correction details

This issue is corrected by the corresponding Git commit hash or Subversion
revision number in the following stable and release branches:

Branch/path     Hash            Revision
-------------------------------------------------------------------------
stable/13/      186f495d4be1    stable/13-n253187
releng/13.1/    66c7b53d9516    releng/13.1-n250172
stable/12/                      r372774
releng/12.4/                    r372778
releng/12.3/                    r372775
-------------------------------------------------------------------------

For FreeBSD 13 and later:

Run the following command to see which files were modified by a
particular commit:

# git show --stat <commit hash>

Or visit the following URL, replacing NNNNNN with the hash:

<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

For FreeBSD 12 and earlier:

Run the following command to see which files were modified by a particular
revision, replacing NNNNNN with the revision number:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>

VII. References

<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23093>

The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-22:15.ping.asc>

[USN-5749-1] libsamplerate vulnerability

==========================================================================
Ubuntu Security Notice USN-5749-1
November 29, 2022

libsamplerate vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

libsamplerate could cause a crash if it processed a specially crafted
audio file.

Software Description:
- libsamplerate: Audio sample rate conversion library

Details:

Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate
did not properly perform bounds checking. If a user were tricked into
processing a specially crafted audio file, an attacker could possibly
use this issue to cause a crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libsamplerate0 0.1.8-8ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5749-1
CVE-2017-7697

[USN-5728-3] Linux kernel (GCP) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5728-3
November 29, 2022

linux-gcp-5.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems

Details:

Jann Horn discovered that the Linux kernel did not properly track memory
allocations for anonymous VMA mappings in some situations, leading to
potential data structure reuse. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-42703)

It was discovered that a race condition existed in the memory address space
accounting implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-41222)

It was discovered that a race condition existed in the instruction emulator
of the Linux kernel on Arm 64-bit systems. A local attacker could use this
to cause a denial of service (system crash). (CVE-2022-20422)

It was discovered that the KVM implementation in the Linux kernel did not
properly handle virtual CPUs without APICs in certain situations. A local
attacker could possibly use this to cause a denial of service (host system
crash). (CVE-2022-2153)

Hao Sun and Jiacheng Xu discovered that the NILFS file system
implementation in the Linux kernel contained a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-2978)

Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64
processors, the Linux kernel's protections against speculative branch
target injection attacks were insufficient in some circumstances. A local
attacker could possibly use this to expose sensitive information.
(CVE-2022-29901)

Abhishek Shah discovered a race condition in the PF_KEYv2 implementation in
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly expose sensitive information (kernel
memory). (CVE-2022-3028)

It was discovered that the Netlink device interface implementation in the
Linux kernel did not properly handle certain error conditions, leading to a
use-after-free vulnerability with some network device drivers. A local
attacker with admin access to the network device could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-3625)

It was discovered that the IDT 77252 ATM PCI device driver in the Linux
kernel did not properly remove any pending timers during device exit,
resulting in a use-after-free vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-3635)

Jann Horn discovered that a race condition existed in the Linux kernel when
unmapping VMAs in certain situations, resulting in possible use-after-free
vulnerabilities. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2022-39188)

Xingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX
storage controller driver in the Linux kernel did not properly handle
certain structures. A local attacker could potentially use this to expose
sensitive information (kernel memory). (CVE-2022-40768)

Sönke Huster discovered that a use-after-free vulnerability existed in the
WiFi driver stack in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-42719)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
linux-image-5.4.0-1093-gcp 5.4.0-1093.102~18.04.1
linux-image-gcp 5.4.0.1093.71

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-5728-3
https://ubuntu.com/security/notices/USN-5728-1
CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-29901,
CVE-2022-3028, CVE-2022-3625, CVE-2022-3635, CVE-2022-39188,
CVE-2022-40768, CVE-2022-41222, CVE-2022-42703, CVE-2022-42719

Package Information:
https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1093.102~18.04.1

[USN-5745-2] shadow regression

==========================================================================
Ubuntu Security Notice USN-5745-2
November 29, 2022

shadow regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

USN-5745-1 introduced a regression in shadow.

Software Description:
- shadow: system login tools

Details:

USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update
introduced a regression that caused useradd to behave incorrectly in Ubuntu
14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This
update reverts the security fix pending further investigation.

We apologize for the inconvenience.

Original advisory details:

 Florian Weimer discovered that shadow was not properly copying and
 removing user directory trees, which could lead to a race condition. A
 local attacker could possibly use this issue to set up a symlink attack
 and alter or remove directories without authorization.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  login                           1:4.8.1-1ubuntu5.20.04.4
  passwd                          1:4.8.1-1ubuntu5.20.04.4
  uidmap                          1:4.8.1-1ubuntu5.20.04.4

Ubuntu 18.04 LTS:
  login                           1:4.5-1ubuntu2.5
  passwd                          1:4.5-1ubuntu2.5
  uidmap                          1:4.5-1ubuntu2.5

Ubuntu 16.04 ESM:
  login                           1:4.2-3.1ubuntu5.5+esm3
  passwd                          1:4.2-3.1ubuntu5.5+esm3
  uidmap                          1:4.2-3.1ubuntu5.5+esm3

Ubuntu 14.04 ESM:
  login                           1:4.1.5.1-1ubuntu9.5+esm3
  passwd                          1:4.1.5.1-1ubuntu9.5+esm3
  uidmap                          1:4.1.5.1-1ubuntu9.5+esm3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5745-2
  https://ubuntu.com/security/notices/USN-5745-1
  https://launchpad.net/bugs/1998169

Package Information:
  https://launchpad.net/ubuntu/+source/shadow/1:4.8.1-1ubuntu5.20.04.4
  https://launchpad.net/ubuntu/+source/shadow/1:4.5-1ubuntu2.5

[USN-5748-1] Sysstat vulnerability

==========================================================================
Ubuntu Security Notice USN-5748-1
November 29, 2022

sysstat vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Sysstat could be made to crash or run programs if it processed specially
crafted data.

Software Description:
- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat incorrectly handled certain arithmetic
multiplications. An attacker could use this issue to cause Sysstat to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
isag 12.5.6-1ubuntu0.1
sysstat 12.5.6-1ubuntu0.1

Ubuntu 22.04 LTS:
isag 12.5.2-2ubuntu0.1
sysstat 12.5.2-2ubuntu0.1

Ubuntu 20.04 LTS:
isag 12.2.0-2ubuntu0.2
sysstat 12.2.0-2ubuntu0.2

Ubuntu 18.04 LTS:
isag 11.6.1-1ubuntu0.2
sysstat 11.6.1-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5748-1
CVE-2022-39377

Package Information:
https://launchpad.net/ubuntu/+source/sysstat/12.5.6-1ubuntu0.1
https://launchpad.net/ubuntu/+source/sysstat/12.5.2-2ubuntu0.1
https://launchpad.net/ubuntu/+source/sysstat/12.2.0-2ubuntu0.2
https://launchpad.net/ubuntu/+source/sysstat/11.6.1-1ubuntu0.2

[USN-5747-1] Bind vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5747-1
November 29, 2022

bind9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Bind.

Software Description:
- bind9: Internet Domain Name Server

Details:

It was discovered that Bind incorrectly handled large query names when
using the lightweight resolver protocol. A remote attacker could use this
issue to consume resources, leading to a denial of service. (CVE-2016-2775)

It was discovered that Bind incorrectly handled large zone data sizes
received via an AXFR response. A remote authenticated attacker could use
this issue to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS. (CVE-2016-6170)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
bind9 1:9.10.3.dfsg.P4-8ubuntu1.19+esm5
lwresd 1:9.10.3.dfsg.P4-8ubuntu1.19+esm5

Ubuntu 14.04 ESM:
bind9 1:9.9.5.dfsg-3ubuntu0.19+esm9
lwresd 1:9.9.5.dfsg-3ubuntu0.19+esm9

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5747-1
CVE-2016-2775, CVE-2016-6170

Monday, November 28, 2022

[USN-5746-1] HarfBuzz vulnerability

==========================================================================
Ubuntu Security Notice USN-5746-1
November 28, 2022

harfbuzz vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

HarfBuzz could be made to crash if it received specially crafted
input.

Software Description:
- harfbuzz: OpenType text shaping engine

Details:

Behzad Najjarpour Jabbari discovered that HarfBuzz incorrectly handled
certain inputs. A remote attacker could possibly use this issue to cause
a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libharfbuzz-bin 1.0.1-1ubuntu0.1+esm1
libharfbuzz0b 1.0.1-1ubuntu0.1+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5746-1
CVE-2015-9274

Planned Outage - Updates / Reboots - 2022-11-30 21:00 UTC

There will be an outage starting at 2022-11-30 21:00 UTC
which will last approximately 5 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d '2022-11-30 21:00UTC'

Reason for outage:

We will be applying updates and rebooting servers. This will update some servers to RHEL8.7, some to 9.1 and we will be updating others to Fedora 37.

Affected Services:

A large number of services may be affected for short times in the outage window. Critical services (websites, mirrorlists) will be up the entire time.

Ticket Link:

https://pagure.io/fedora-infrastructure/issue/11014

Please join #fedora-admin or #fedora-noc on irc.libera.chat
or add comments to the ticket for this outage above.

[USN-5689-2] Perl vulnerability

==========================================================================
Ubuntu Security Notice USN-5689-2
November 28, 2022

perl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10

Summary:

Perl could be made to bypass signature verification.

Software Description:
- perl: Practical Extraction and Report Language

Details:

USN-5689-1 fixed a vulnerability in Perl.
This update provides the corresponding update for Ubuntu 22.10.

Original advisory details:

It was discovered that Perl incorrectly handled certain signature verification.
A remote attacker could possibly use this issue to bypass signature verification.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
perl 5.34.0-5ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5689-2
https://ubuntu.com/security/notices/USN-5689-1
CVE-2020-16156

Package Information:
https://launchpad.net/ubuntu/+source/perl/5.34.0-5ubuntu1.1

[USN-5745-1] shadow vulnerability

==========================================================================
Ubuntu Security Notice USN-5745-1
November 28, 2022

shadow vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

shadow could be made to overwrite files.

Software Description:
- shadow: system login tools

Details:

Florian Weimer discovered that shadow was not properly copying and removing
user directory trees, which could lead to a race condition. A local attacker
could possibly use this issue to set up a symlink attack and alter or remove
directories without authorization.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
  libsubid4                       1:4.11.1+dfsg1-2ubuntu1.1
  login                           1:4.11.1+dfsg1-2ubuntu1.1
  passwd                          1:4.11.1+dfsg1-2ubuntu1.1
  uidmap                          1:4.11.1+dfsg1-2ubuntu1.1

Ubuntu 22.04 LTS:
  login                           1:4.8.1-2ubuntu2.1
  passwd                          1:4.8.1-2ubuntu2.1
  uidmap                          1:4.8.1-2ubuntu2.1

Ubuntu 20.04 LTS:
  login                           1:4.8.1-1ubuntu5.20.04.3
  passwd                          1:4.8.1-1ubuntu5.20.04.3
  uidmap                          1:4.8.1-1ubuntu5.20.04.3

Ubuntu 18.04 LTS:
  login                           1:4.5-1ubuntu2.4
  passwd                          1:4.5-1ubuntu2.4
  uidmap                          1:4.5-1ubuntu2.4

Ubuntu 16.04 ESM:
  login                           1:4.2-3.1ubuntu5.5+esm2
  passwd                          1:4.2-3.1ubuntu5.5+esm2
  uidmap                          1:4.2-3.1ubuntu5.5+esm2

Ubuntu 14.04 ESM:
  login                           1:4.1.5.1-1ubuntu9.5+esm2
  passwd                          1:4.1.5.1-1ubuntu9.5+esm2
  uidmap                          1:4.1.5.1-1ubuntu9.5+esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5745-1
  CVE-2013-4235

Package Information:
  https://launchpad.net/ubuntu/+source/shadow/1:4.11.1+dfsg1-2ubuntu1.1
  https://launchpad.net/ubuntu/+source/shadow/1:4.8.1-2ubuntu2.1
  https://launchpad.net/ubuntu/+source/shadow/1:4.8.1-1ubuntu5.20.04.3
  https://launchpad.net/ubuntu/+source/shadow/1:4.5-1ubuntu2.4

[USN-5744-1] libICE vulnerability

==========================================================================
Ubuntu Security Notice USN-5744-1
November 28, 2022

libice vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

Weak session cookies generated using libICE could allow sensitive
information to be exposed.

Software Description:
- libice: X11 Inter-Client Exchange library (development headers)

Details:

It was discovered that libICE was using a weak mechanism to generate the
session cookies. A local attacker could possibly use this issue to perform
a privilege escalation attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libice-dev 2:1.0.9-2ubuntu0.18.04.1
libice6 2:1.0.9-2ubuntu0.18.04.1

Ubuntu 16.04 ESM:
libice-dev 2:1.0.9-1ubuntu0.16.04.1+esm1
libice6 2:1.0.9-1ubuntu0.16.04.1+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5744-1
CVE-2017-2626

Package Information:
https://launchpad.net/ubuntu/+source/libice/2:1.0.9-2ubuntu0.18.04.1

Friday, November 25, 2022

OpenBSD Errata: November 26, 2022 (vmm unwind pfsync)

Errata patches for vmm(4), unwind(8), and pfsync(4) have been
released for OpenBSD 7.2. Errata patch for unwind(8) has been
released for OpenBSD 7.1.

Binary updates for the amd64, i386 and arm64 platform are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

https://www.openbsd.org/errata71.html
https://www.openbsd.org/errata72.html

Thursday, November 24, 2022

[USN-5743-1] LibTIFF vulnerability

==========================================================================
Ubuntu Security Notice USN-5743-1
November 24, 2022

tiff vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

LibTIFF could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- tiff: Tag Image File Format (TIFF) library

Details:

It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a
specially crafted image, a remote attacker could crash the application,
leading to a denial of service, or possibly execute arbitrary code with
user privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
libtiff-tools 4.0.6-1ubuntu0.8+esm8
libtiff5 4.0.6-1ubuntu0.8+esm8

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5743-1
CVE-2022-3970

[USN-5742-1] JBIG-KIT vulnerability

==========================================================================
Ubuntu Security Notice USN-5742-1
November 24, 2022

jbigkit vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

JBIG-KIT could be made to crash if it opened a specially crafted file.

Software Description:
- jbigkit: JBIG1 data compression library

Details:

It was discovered that JBIG-KIT incorrectly handled decoding certain large
image files. If a user or automated system using JBIG-KIT were tricked into
opening a specially crafted file, an attacker could possibly use this issue
to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
  jbigkit-bin                     2.1-3.1ubuntu0.22.10.1
  libjbig0                        2.1-3.1ubuntu0.22.10.1

Ubuntu 22.04 LTS:
  jbigkit-bin                     2.1-3.1ubuntu0.22.04.1
  libjbig0                        2.1-3.1ubuntu0.22.04.1

Ubuntu 20.04 LTS:
  jbigkit-bin                     2.1-3.1ubuntu0.20.04.1
  libjbig0                        2.1-3.1ubuntu0.20.04.1

Ubuntu 18.04 LTS:
  jbigkit-bin                     2.1-3.1ubuntu0.18.04.1
  libjbig0                        2.1-3.1ubuntu0.18.04.1

Ubuntu 16.04 ESM:
  jbigkit-bin                     2.1-3.1ubuntu0.1~esm1
  libjbig0                        2.1-3.1ubuntu0.1~esm1

Ubuntu 14.04 ESM:
  jbigkit-bin                     2.0-2ubuntu4.1+esm1
  libjbig0                        2.0-2ubuntu4.1+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5742-1
  CVE-2017-9937

Package Information:
https://launchpad.net/ubuntu/+source/jbigkit/2.1-3.1ubuntu0.22.10.1
https://launchpad.net/ubuntu/+source/jbigkit/2.1-3.1ubuntu0.22.04.1
https://launchpad.net/ubuntu/+source/jbigkit/2.1-3.1ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/jbigkit/2.1-3.1ubuntu0.18.04.1

[USN-5741-1] Exim vulnerability

==========================================================================
Ubuntu Security Notice USN-5741-1
November 24, 2022

exim4 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Exim could be made to crash or run programs if it processed specially
crafted regular expressions.

Software Description:
- exim4: Exim is a mail transport agent

Details:

It was discovered that Exim incorrectly handled certain regular
expressions. An attacker could use this issue to cause Exim to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
exim4-base 4.96-3ubuntu1.1
exim4-daemon-heavy 4.96-3ubuntu1.1
exim4-daemon-light 4.96-3ubuntu1.1

Ubuntu 22.04 LTS:
exim4-base 4.95-4ubuntu2.2
exim4-daemon-heavy 4.95-4ubuntu2.2
exim4-daemon-light 4.95-4ubuntu2.2

Ubuntu 20.04 LTS:
exim4-base 4.93-13ubuntu1.7
exim4-daemon-heavy 4.93-13ubuntu1.7
exim4-daemon-light 4.93-13ubuntu1.7

Ubuntu 18.04 LTS:
exim4-base 4.90.1-1ubuntu1.10
exim4-daemon-heavy 4.90.1-1ubuntu1.10
exim4-daemon-light 4.90.1-1ubuntu1.10

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5741-1
CVE-2022-3559

Package Information:
https://launchpad.net/ubuntu/+source/exim4/4.96-3ubuntu1.1
https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.2
https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.7
https://launchpad.net/ubuntu/+source/exim4/4.90.1-1ubuntu1.10

[USN-5736-1] ImageMagick vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5736-1
November 24, 2022

imagemagick vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in ImageMagick.

Software Description:
- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled certain values
when processing PDF files. If a user or automated system using ImageMagick
were tricked into opening a specially crafted PDF file, an attacker could
exploit this to cause a denial of service. This issue only affected Ubuntu
14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-20224)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain
values when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service. This issue only
affected Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2021-20241)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain
values when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service. This issue only
affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10.
(CVE-2021-20243)

It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. This issue only affected Ubuntu
22.10. (CVE-2021-20244)

It was discovered that ImageMagick could be made to divide by zero when
processing a crafted file. By tricking a user into opening a specially
crafted image file, an attacker could crash the application causing a
denial of service. This issue only affected Ubuntu 22.10. (CVE-2021-20245)

It was discovered that ImageMagick incorrectly handled certain values
when performing resampling operations. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. This issue only affected Ubuntu 22.10.
(CVE-2021-20246)

It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. This issue only affected Ubuntu
22.10. (CVE-2021-20309)

It was discovered that ImageMagick incorrectly handled certain values
when processing thumbnail image data. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. This issue only affected Ubuntu 22.10.
(CVE-2021-20312)

It was discovered that ImageMagick incorrectly handled memory cleanup
when performing certain cryptographic operations. Under certain conditions
sensitive cryptographic information could be disclosed. This issue only
affected Ubuntu 22.10. (CVE-2021-20313)

It was discovered that ImageMagick did not properly manage memory under
certain circumstances. If a user were tricked into opening a specially
crafted file using the convert command, an attacker could possibly use this
issue to cause ImageMagick to crash, resulting in a denial of service. This
issue only affected Ubuntu 22.10. (CVE-2021-3574)

It was discovered that ImageMagick did not use the correct rights when
specifically excluded by a module policy. An attacker could use this issue
to read and write certain restricted files. This issue only affected
Ubuntu 22.10. (CVE-2021-39212)

It was discovered that ImageMagick incorrectly handled certain values
when processing specially crafted SVG files. By tricking a user into
opening a specially crafted SVG file, an attacker could crash the
application causing a denial of service. This issue only affected Ubuntu
22.10. (CVE-2021-4219)

It was discovered that ImageMagick did not properly manage memory under
certain circumstances. If a user were tricked into opening a specially
crafted DICOM file, an attacker could possibly use this issue to cause
ImageMagick to crash, resulting in a denial of service or leaking sensitive
information. This issue only affected Ubuntu 22.10. (CVE-2022-1114)

It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into opening a specially
crafted image file, an attacker could possibly exploit this issue to cause
a denial of service or other unspecified impact. This issue only affected
Ubuntu 22.10. (CVE-2022-28463)

It was discovered that ImageMagick incorrectly handled certain values.
If a user were tricked into processing a specially crafted image file,
an attacker could possibly exploit this issue to cause a denial of service
or other unspecified impact. This issue only affected Ubuntu 14.04 ESM,
Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32545, CVE-2022-32546)

It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into processing a specially
crafted image file, an attacker could possibly exploit this issue to cause
a denial of service or other unspecified impact. This issue only affected
Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 22.10. (CVE-2022-32547)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
imagemagick 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
imagemagick-6-common 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
imagemagick-6.q16 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
imagemagick-6.q16hdri 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
imagemagick-common 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libimage-magick-perl 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libimage-magick-q16-perl 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagick++-6.q16-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagick++-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagick++-6.q16hdri-8 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagick++-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6-arch-config 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6-headers 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6.q16-6-extra 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-6.q16hdri-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickcore-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickwand-6.q16-6 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickwand-6.q16-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
libmagickwand-dev 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
perlmagick 8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1

Ubuntu 18.04 LTS:
imagemagick 8:6.9.7.4+dfsg-16ubuntu6.14
imagemagick-6-common 8:6.9.7.4+dfsg-16ubuntu6.14
imagemagick-6.q16 8:6.9.7.4+dfsg-16ubuntu6.14
imagemagick-6.q16hdri 8:6.9.7.4+dfsg-16ubuntu6.14
imagemagick-common 8:6.9.7.4+dfsg-16ubuntu6.14
libimage-magick-perl 8:6.9.7.4+dfsg-16ubuntu6.14
libimage-magick-q16-perl 8:6.9.7.4+dfsg-16ubuntu6.14
libmagick++-6.q16-7 8:6.9.7.4+dfsg-16ubuntu6.14
libmagick++-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14
libmagick++-6.q16hdri-7 8:6.9.7.4+dfsg-16ubuntu6.14
libmagick++-dev 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6-arch-config 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6-headers 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6.q16-3-extra 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-6.q16hdri-3 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickcore-dev 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickwand-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickwand-6.q16-dev 8:6.9.7.4+dfsg-16ubuntu6.14
libmagickwand-dev 8:6.9.7.4+dfsg-16ubuntu6.14
perlmagick 8:6.9.7.4+dfsg-16ubuntu6.14

Ubuntu 16.04 ESM:
imagemagick 8:6.8.9.9-7ubuntu5.16+esm5
imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm5
imagemagick-common 8:6.8.9.9-7ubuntu5.16+esm5
libimage-magick-perl 8:6.8.9.9-7ubuntu5.16+esm5
libimage-magick-q16-perl 8:6.8.9.9-7ubuntu5.16+esm5
libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm5
libmagick++-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5
libmagick++-dev 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-6-arch-config 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-6-headers 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5
libmagickcore-dev 8:6.8.9.9-7ubuntu5.16+esm5
libmagickwand-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm5
libmagickwand-6.q16-dev 8:6.8.9.9-7ubuntu5.16+esm5
libmagickwand-dev 8:6.8.9.9-7ubuntu5.16+esm5
perlmagick 8:6.8.9.9-7ubuntu5.16+esm5

Ubuntu 14.04 ESM:
imagemagick 8:6.7.7.10-6ubuntu3.13+esm3
imagemagick-common 8:6.7.7.10-6ubuntu3.13+esm3
libmagick++-dev 8:6.7.7.10-6ubuntu3.13+esm3
libmagick++5 8:6.7.7.10-6ubuntu3.13+esm3
libmagickcore-dev 8:6.7.7.10-6ubuntu3.13+esm3
libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm3
libmagickcore5-extra 8:6.7.7.10-6ubuntu3.13+esm3
libmagickwand-dev 8:6.7.7.10-6ubuntu3.13+esm3
libmagickwand5 8:6.7.7.10-6ubuntu3.13+esm3
perlmagick 8:6.7.7.10-6ubuntu3.13+esm3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5736-1
CVE-2021-20224, CVE-2021-20241, CVE-2021-20243, CVE-2021-20244,
CVE-2021-20245, CVE-2021-20246, CVE-2021-20309, CVE-2021-20312,
CVE-2021-20313, CVE-2021-3574, CVE-2021-39212, CVE-2021-4219,
CVE-2022-1114, CVE-2022-28463, CVE-2022-32545, CVE-2022-32546,
CVE-2022-32547

Package Information:
https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.11.60+dfsg-1.3ubuntu0.22.10.1
https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.14

Wednesday, November 23, 2022

[USN-5740-1] X.Org X Server vulnerabilities

==========================================================================
Ubuntu Security Notice USN-5740-1
November 23, 2022

xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04, xwayland
vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in X.Org X Server.

Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
- xorg-server-hwe-18.04: X.Org X11 server
- xorg-server-hwe-16.04: X.Org X11 server

Details:

It was discovered that X.Org X Server incorrectly handled certain inputs.
An attacker could use these issues to cause the server to crash, resulting
in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
xserver-xorg-core 2:21.1.4-2ubuntu1.1
xwayland 2:22.1.3-2ubuntu0.1

Ubuntu 22.04 LTS:
xserver-xorg-core 2:21.1.3-2ubuntu2.3
xwayland 2:22.1.1-1ubuntu0.3

Ubuntu 20.04 LTS:
xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.4
xwayland 2:1.20.13-1ubuntu1~20.04.4

Ubuntu 18.04 LTS:
xserver-xorg-core 2:1.19.6-1ubuntu4.12
xserver-xorg-core-hwe-18.04 2:1.20.8-2ubuntu2.2~18.04.8
xwayland 2:1.19.6-1ubuntu4.12

Ubuntu 16.04 ESM:
xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm4
xserver-xorg-core-hwe-16.04 2:1.19.6-1ubuntu4.1~16.04.6+esm3
xwayland 2:1.18.4-0ubuntu0.12+esm4

Ubuntu 14.04 ESM:
xserver-xorg-core 2:1.15.1-0ubuntu2.11+esm6

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5740-1
CVE-2022-3550, CVE-2022-3551

Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.1
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.1
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.3
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.3
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.4
https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.12
https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.8

F38 proposal: Add Fedora Auto Firstboot Services to desktop variants (System-Wide Change proposal)

https://fedoraproject.org/wiki/Changes/AutoFirstBootServices

This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.


== Summary ==
Add {{package|fedora-autofirstboot}} to desktop variants to run a
predetermined set of tasks on first boot after post installation,
notably installing codecs and cleaning up installer packages from the
installed system.

== Owner ==
* Name: [[User:Ngompa| Neal Gompa]]
* Email: ngompa13@gmail.com


== Detailed Description ==
{{package|fedora-autofirstboot}} is a collection of scripts that
invoke on firstboot of a freshly installed system to run a set of
predetermined tasks. It also provides a framework for third-parties to
introduce their own firstboot tasks to run through this framework. The
initial services included are to install OpenH264 and remove Anaconda.


== Benefit to Fedora ==
The main benefit is to smooth out the new user experience for new
Fedora Linux installations. In particular, we can deal with a
long-standing sticking point that Anaconda remains installed on the
user's machine when it is not useful to do so.

== Scope ==
* Proposal owners:
** Add {{package|fedora-autofirstboot}} to the desktop kickstarts
** Add a preset to {{package|fedora-release}} for
<code>fedora-autofirstboot.service</code>

* Other developers: N/A (not needed for this Change)

* Release engineering: [https://pagure.io/releng/issue/11148 #11148]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives: N/A


== Upgrade/compatibility impact ==
This will have no impact on upgraded systems, since the firstboot
condition is not true in that case.


== How To Test ==

# Install Fedora Workstation, KDE, etc.
# Reboot into installed environment
# Check to see <code>openh264</code> is installed and
<code>anaconda-core</code> is not.

== User Experience ==
The first boot will be slightly slower because of these tasks running,
though they should happily run in the background as other services
start up, so it should not be noticeable.

== Dependencies ==
The main dependency is {{package|fedora-release}}, though we will need
to ensure all {{package|udisks2}} plugins get pulled in as
dependencies for {{package|gnome-disks}} and {{package|blivet-gui}} so
they don't get uninstalled when Anaconda is.


== Contingency Plan ==
* Contingency mechanism: Remove {{package|fedora-autofirstboot}} from
the kickstarts
* Contingency deadline: Final freeze
* Blocks release? No


== Documentation ==
There is not currently much documentation in
[https://pagure.io/fedora-autofirstboot the upstream project], though
contributions are welcome.

== Release Notes ==
Fedora Linux now ships with a framework for setting up first-boot
services and uses this to install multimedia software and remove the
installer software from the system after installation.

--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis