Bra podcast
Sveriges mest populära poddar
Overview
It’s main vs universe as we take a deep dive into the Ubuntu archive and look at these components plus what goes into each and how the security team goes about reviewing software destined for main, plus we cover security updates for Django, BlueZ, NVIDIA Graphics Drivers and more.
This week in Ubuntu Security Updates
53 unique CVEs addressed
[USN-5265-1] Linux kernel vulnerabilities [01:19]
- 10 CVEs addressed in Focal (20.04 LTS), Impish (21.10)
- 5.13 impish + focal hwe + 5.11 focal cloud kernel (gcp/aws/oracle/azure)
[USN-5266-1] Linux kernel (GKE) vulnerabilities
- 2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
- 5.4 gke
[USN-5267-1] Linux kernel vulnerabilities
- 3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
- 5.4 focal + bionic hwe
[USN-5268-1] Linux kernel vulnerabilities
- 4 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
- 4.15 bionic + 16.04 hwe + 14.04 azure
[USN-5260-3] Samba vulnerability [02:29]
- 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)
- Episode 147 -
vfs_fruitRCE
[USN-5269-1, USN-5269-2] Django vulnerabilities [03:00]
- 2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- XSS via incorrect handling of the
{% debug %}template tag - failed to properly encode the current context - Possible infinite loop when parsing multipart forms as used when doing file uploads
[USN-5270-1, USN-5270-2] MySQL vulnerabilities [03:38]
- 26 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- CVE-2022-21379
- CVE-2022-21378
- CVE-2022-21374
- CVE-2022-21372
- CVE-2022-21370
- CVE-2022-21368
- CVE-2022-21367
- CVE-2022-21362
- CVE-2022-21358
- CVE-2022-21351
- CVE-2022-21348
- CVE-2022-21344
- CVE-2022-21342
- CVE-2022-21339
- CVE-2022-21304
- CVE-2022-21303
- CVE-2022-21302
- CVE-2022-21301
- CVE-2022-21270
- CVE-2022-21265
- CVE-2022-21264
- CVE-2022-21256
- CVE-2022-21254
- CVE-2022-21253
- CVE-2022-21249
- CVE-2022-21245
- 6 CVEs addressed in Xenial ESM (16.04 ESM)
- 8.0.23 for Ubuntu 20.04 LTS and 21.10
- 5.7.37 for Ubuntu 18.04 LTS and Ubuntu 16.04 ESM
[USN-5030-2] Perl DBI module vulnerabilities [04:11]
- 2 CVEs addressed in Xenial ESM (16.04 ESM)
- Episode 125
[USN-5262-1] GPT fdisk vulnerabilities
- 2 CVEs addressed in Xenial ESM (16.04 ESM)
[USN-5264-1] Graphviz vulnerabilities
- 3 CVEs addressed in Xenial ESM (16.04 ESM)
[USN-5275-1] BlueZ vulnerability [04:25]
- 1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- Heap buffer overflow in gatt-server implementation since failed to check lengths of incoming packets - could allow a remote attacker to DoS or RCE
[USN-4754-5] Python vulnerability [04:53]
- 2 CVEs addressed in Trusty ESM (14.04 ESM)
- Reinstate fix for CVE-2021-3177 which was previously removed due to a regression
[USN-5276-1] NVIDIA graphics drivers vulnerabilities [05:15]
- 2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- Various issues around handling of permissions within the kernel - could allow a local user to write to protected memory in the kernel and DoS machine
[USN-5267-2] Linux kernel regression [05:52]
- 3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
- 5.4 focal + bionic hwe
- Inadvertent DoS when accessing CIFS shares - kernel hang - fixed by reverting various CIFS related patches
Goings on in Ubuntu Security Community
Main vs Universe with Camila
- Camila discusses the different software repository components in Ubuntu - what they are, how they compare and what you can expect to find in each, as well as the process for moving packages from universe to main to be supported by Canonical, in particular focusing on the security team’s role in performing security audits of each software package along the way.
Get in contact
00:00
-00:00