Sveriges mest populära poddar

Ubuntu Security Podcast

Episode 76

13 min • 28 maj 2020

Overview

This week we welcome back Vineetha Kamath, Ubuntu Security Certifications Manager, to discuss the recent release of FIPS modules for Ubuntu 18.04 LTS and we look at security updates for Bind, ClamAV, QEMU, the Linux kernel and more.

This week in Ubuntu Security Updates

24 unique CVEs addressed

[USN-4365-2] Bind vulnerabilities [00:37]

[USN-4369-1] Linux kernel vulnerabilities [01:11]

[USN-4370-1, USN-4370-2] ClamAV vulnerabilities [01:35]

  • 2 CVEs addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Eoan (19.10), Focal (20.04 LTS)
  • Stack and heap buffer over-reads in the PDF and ARJ (Archived by Rober Jung) file parsers -> crash -> DoS

[USN-4371-1] libvirt vulnerabilities [02:36]

  • 2 CVEs addressed in Bionic (18.04 LTS), Eoan (19.10)
  • Memory leak able to be triggered by local users with read-only qemu access when retrieving domain stats -> DoS

[USN-4372-1] QEMU vulnerabilities [03:08]

[USN-4373-1] Thunderbird vulnerabilities [03:44]

Goings on in Ubuntu Security Community

Joe McManus and Vineetha Kamath discuss FIPS certification for Ubuntu 18.04 LTS [04:10]

Get in contact

Kategorier
Förekommer på
00:00 -00:00