Updated PolicyKit packages has been released for Ubuntu Linux
Dedoimedo published a guide how to customize the look and feel of the Ubuntu MATE 18.04 Bionic Beaver desktop using the numerous built-in tools and features of the MATE desktop environment
Updated thunderbird packages has been released for Ubuntu Linux
The following updates has been released for Ubuntu Linux:
USN-3715-1: dns-root-data update
USN-3716-1: Dnsmasq update
USN-3715-1: dns-root-data update
USN-3716-1: Dnsmasq update
The following updates has been released for Ubuntu Linux:
USN-3710-1: curl vulnerability
USN-3711-1: ImageMagick vulnerabilities
USN-3712-1: libpng vulnerabilities
USN-3712-2: libpng vulnerability
USN-3713-1: CUPS vulnerabilities
USN-3710-1: curl vulnerability
USN-3711-1: ImageMagick vulnerabilities
USN-3712-1: libpng vulnerabilities
USN-3712-2: libpng vulnerability
USN-3713-1: CUPS vulnerabilities
The following updates has been released for Ubuntu Linux:
USN-3705-2: Firefox regressions
USN-3706-2: libjpeg-turbo vulnerabilities
USN-3709-1: Xapian-core vulnerability
USN-3705-2: Firefox regressions
USN-3706-2: libjpeg-turbo vulnerabilities
USN-3709-1: Xapian-core vulnerability
The following updates has been released for Ubuntu Linux:
USN-3706-1: libjpeg-turbo vulnerabilities
USN-3707-1: NTP vulnerabilities
USN-3708-1: OpenSLP vulnerabilities
USN-3706-1: libjpeg-turbo vulnerabilities
USN-3707-1: NTP vulnerabilities
USN-3708-1: OpenSLP vulnerabilities
Ubuntu Linux 17.10 will reach it's end of life on July 19 2018
The following updates has been released for Ubuntu Linux:
USN-3690-2: AMD Microcode regression
USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 (aka Spectre). Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS.
USN-3705-1: Firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website.
USN-3690-2: AMD Microcode regression
USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 (aka Spectre). Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS.
USN-3705-1: Firefox vulnerabilities
Firefox could be made to crash or run programs as your login if it opened a malicious website.
The PHP 7.2 packages for Ubuntu Linux 18.04 LTS has been updated with a security patch for the exif module
The following updates has been released for Ubuntu Linux:
LSN-0040-1: Linux kernel vulnerability
USN-3702-1: PHP vulnerability
USN-3703-1: Archive Zip
USN-3703-2: Archive Zip vulnerability
LSN-0040-1: Linux kernel vulnerability
USN-3702-1: PHP vulnerability
USN-3703-1: Archive Zip
USN-3703-2: Archive Zip vulnerability
The following updates has been released for Ubuntu Linux:
USN-3699-1: zziplib vulnerabilities
zziplib could be made to crash or run programs as your login if it opened aspecially crafted file.
USN-3700-1: Exiv2 vulnerabilities
Several security issues were fixed in Exiv2.
USN-3701-1: libsoup vulnerability
libsoup could be made to crash if it received a specially crafted input.
USN-3699-1: zziplib vulnerabilities
zziplib could be made to crash or run programs as your login if it opened aspecially crafted file.
USN-3700-1: Exiv2 vulnerabilities
Several security issues were fixed in Exiv2.
USN-3701-1: libsoup vulnerability
libsoup could be made to crash if it received a specially crafted input.
The following kernel updates has been released for Ubuntu Linux:
USN-3695-1: Linux kernel vulnerabilities
USN-3695-2: Linux kernel (HWE) vulnerabilities
USN-3696-1: Linux kernel vulnerabilities
USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3697-1: Linux kernel vulnerabilities
USN-3697-2: Linux kernel (OEM) vulnerabilities
USN-3698-1: Linux kernel vulnerabilities
USN-3698-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3695-1: Linux kernel vulnerabilities
USN-3695-2: Linux kernel (HWE) vulnerabilities
USN-3696-1: Linux kernel vulnerabilities
USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3697-1: Linux kernel vulnerabilities
USN-3697-2: Linux kernel (OEM) vulnerabilities
USN-3698-1: Linux kernel vulnerabilities
USN-3698-2: Linux kernel (Trusty HWE) vulnerabilities
The following updates has been released for Ubuntu Linux:
Ubuntu Linux 12.04 ESM:
USN-3686-2: file vulnerabilities
Several security issues were fixed in file.
Ubuntu Linux 14.04 LTS:
USN-3694-1: NASM vulnerabilities
NASM could be made to crash or run programs if it opened a specially crafted file.
Ubuntu Linux 12.04 ESM:
USN-3686-2: file vulnerabilities
Several security issues were fixed in file.
Ubuntu Linux 14.04 LTS:
USN-3694-1: NASM vulnerabilities
NASM could be made to crash or run programs if it opened a specially crafted file.
Updated Jasper packages has been released for Ubuntu Linux 14.04 LTS and 16.04 LTS
Updated OpenSSL packages are available for Ubuntu 18.04 LTS, Ubuntu 17.10, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 12.04 ESM:
USN-3692-1: OpenSSL vulnerabilities
USN-3692-2: OpenSSL vulnerabilities
USN-3692-1: OpenSSL vulnerabilities
USN-3692-2: OpenSSL vulnerabilities
Updated OpenJDK 7 packages has been released for Ubuntu Linux 14.04 LTS
Updated processor microcode firmware for AMD CPUs has been released for Ubuntu Linux
The following updates has been released for Ubuntu Linux:
USN-3688-1: Spidermonkey vulnerabilities
Multiple memory safety issues were fixed in Spidermonkey. An attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Available for Ubuntu 18.04 LTS and 17-10
USN-3689-1: Libgcrypt vulnerability
USN-3689-2: Libgcrypt vulnerability
Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys. Available for Ubuntu 18.04 LTS, 16.04 LTS, 17.10, 14.04 LTS, and 12.04 ESM
USN-3688-1: Spidermonkey vulnerabilities
Multiple memory safety issues were fixed in Spidermonkey. An attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. Available for Ubuntu 18.04 LTS and 17-10
USN-3689-1: Libgcrypt vulnerability
USN-3689-2: Libgcrypt vulnerability
Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys. Available for Ubuntu 18.04 LTS, 16.04 LTS, 17.10, 14.04 LTS, and 12.04 ESM
The following updates has been released for Ubuntu Linux:
USN-3675-3: GnuPG vulnerability
GnuPG could be made to incorrectly interpret the status of the cryptographic operation if it received specially crafted file. Available for Ubuntu 12.04 ESM
USN-3687-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Available for Ubuntu 16.04 LTS, 17.10, and 18.04 LTS
USN-3675-3: GnuPG vulnerability
GnuPG could be made to incorrectly interpret the status of the cryptographic operation if it received specially crafted file. Available for Ubuntu 12.04 ESM
USN-3687-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. Available for Ubuntu 16.04 LTS, 17.10, and 18.04 LTS
