1111 matches found
USN-5523-2: LibTIFF vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5523-1 fixed several vulnerabilities in LibTIFF. This update provides the fixes for CVE-2022-0907, CVE-2022-0908, CVE-2022-0909, CVE-2022-0924 and CVE-2022-22844 for Ubuntu 18.04 LTS and Ubuntu 20.04...
USN-5583-2: systemd regression | Cloud Foundry
Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5583-1 fixed vulnerabilities in systemd. Unfortunately this caused a regression by introducing netowrking problems for some users. This update fixes the problem. We apologize for the inconvenience...
USN-5571-1: PostgreSQL vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Sven Klemm discovered that PostgreSQL incorrectly handled extensions. An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated. Update Instructions: Run...
USN-5569-1: Unbound vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Xiang Li discovered that Unbound incorrectly handled delegation caching. A remote attacker could use this issue to keep rogue domain names resolvable long after they have been revoked. Update Instructions...
USN-5575-1: Libxslt vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Nicolas Grégoire discovered that Libxslt incorrectly handled certain XML. An attacker could possibly use this issue to expose sensitive information or execute arbitrary code. This issue only affected Ubun...
USN-5619-1: LibTIFF vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that LibTIFF was not properly performing the calculation of data that would eventually be used as a reference for bound-checking operations. An attacker could...
USN-5615-1: SQLite vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-5612-1: Intel Microcode vulnerability | Cloud Foundry
usn-5612-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Pietro Borrello, Andreas Kogler, Martin Schwarzl, Daniel Gruss, Michael Schwarz and Moritz Lipp discovered that some Intel processors did not properly clear data between subsequent xAPIC MMIO...
USN-5502-1: OpenSSL vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Alex Chernyakhovsky discovered that OpenSSL incorrectly handled AES OCB mode when using the AES-NI assembly optimized implementation on 32-bit x86 platforms. A remote attacker could possibly use this issu...
USN-5503-1: GnuPG vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Demi Marie Obenour discovered that GnuPG incorrectly handled injection in the status message. A remote attacker could possibly use this issue to forge signatures. Update Instructions: Run sudo ua fix...
USN-5537-1: MySQL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.30 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubunt...
USN-5511-1: Git vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Carlo Marcelo Arenas Belón discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator. CVE-2022-29187 Updat...
USN-5528-1: FreeType vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or...
USN-5519-1: Python vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run sudo ua fix USN-5519-1 t...
USN-5550-1: GnuTLS vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only...
USN-5570-1: zlib vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause zlib to crash, resulting in a...
USN-5573-1: rsync vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Evgeny Legerov discovered that zlib incorrectly handled memory when performing certain inflate operations. An attacker could use this issue to cause rsync to crash, resulting in a...
USN-5548-1: libxml2 vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code. Update Instructions: Run sudo ua fix...
USN-5425-1: PCRE vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expos...
USN-5421-1: LibTIFF vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only...
USN-5422-1: libxml2 vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly...
USN-5424-1: OpenLDAP vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL...
USN-5259-3: Cron regression | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the...
USN-5402-1: OpenSSL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. CVE-2022-1292 Raul Metsma...
USN-5244-2: DBus vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5244-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Daniel Onaca discovered that DBus contained a...
USN-5259-2: Cron vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5259-1 fixed several vulnerabilities in Cron. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that the postinst maintainer script in Cron...
USN-5403-1: SQLite vulnerability | Cloud Foundry
Severity Negligible Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that SQLite command-line component incorrectly handled certain queries. An attacker could possibly use this issue to cause a crash or possibly execute arbitrary code. Update...
USN-5446-1: dpkg vulnerability | Cloud Foundry
usn-5446-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote...
USN-5445-1: Subversion vulnerabilities | Cloud Foundry
usn-5445-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of...
USN-5431-1: GnuPG vulnerability | Cloud Foundry
usn-5431-1 Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that GnuPG was not properly processing keys with large amounts of signatures. An attacker could possibly use this issue to cause a denial of service. Update Instructions: Run sud...
USN-5464-1: E2fsprogs vulnerability | Cloud Foundry
usn-5464-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute...
USN-5440-1: PostgreSQL vulnerability | Cloud Foundry
usn-5440-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user’s objects. An attacker having...
USN-5488-1: OpenSSL vulnerability | Cloud Foundry
usn-5488-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary commands when crehash is run. Update...
USN-5472-1: FFmpeg vulnerabilities | Cloud Foundry
usn-5472-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This...
USN-5473-1: ca-certificates update | Cloud Foundry
usn-5473-1 Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority...
USN-5456-1: ImageMagick vulnerability | Cloud Foundry
usn-5456-1 Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image, an attacker could possibly exploit this...
USN-5486-1: Intel Microcode vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. CVE-2021-0127 Joseph Nuzman discovered that...
USN-5357-1: Linux kernel vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer...
USN-5400-1: MySQL vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.29 in Ubuntu 20.04 LTS, Ubuntu 21.10, and Ubuntu...
USN-5395-2: networkd-dispatcher regression | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5395-1 fixed vulnerabilities in networkd-dispatcher. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. We apologize for the inconvenience. Origina...
USN-5395-1: networkd-dispatcher vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code...
USN-5331-2: tcpdump vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5331-1 fixed several vulnerabilities in tcpdump. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that tcpdump...
USN-5366-1: FriBidi vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that FriBidi incorrectly handled processing of input strings resulting in memory corruption. An attacker could use this issue to cause FriBidi to crash, resulting in a denial of service,...
USN-5410-1: NSS vulnerability | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service...
USN-5355-1: zlib vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or...
USN-5324-1: libxml2 vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that libxml2 incorrectly handled certain XML files. An attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. CVEs...
USN-5359-1: rsync vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsync to crash, resulting in a denial of service,...
USN-5352-1: Libtasn1 vulnerability | Cloud Foundry
Severity Negligible Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that Libtasn1 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVEs contained in this USN include: CVE-2018-1000654. Affecte...
USN-5379-1: klibc vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resultin...
USN-5378-1: Gzip vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Cleemy Desu Wayo discovered that Gzip incorrectly handled certain filenames. If a user or automated system were tricked into performing zgrep operations with specially crafted filenames, a remote attacker...