To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Tôi hiểu rồi!
Artwork

Alex Murray Ubuntu Security Team Linux Tech Operating Systems Alex and Joe Security Software Development
Nội dung được cung cấp bởi Alex Murray and Ubuntu Security Team. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Alex Murray and Ubuntu Security Team hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

Tương tự như Ubuntu Security Podcast

Player FM - Ứng dụng Podcast
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Get it on App Store Get it on Google Play

Ubuntu Security Podcast « »
Episode 134

14:05
 
Nghe
Đang phát
Chia sẻ
 

MP3Trang chủ episode
Manage episode 304642062 series 2423058
Nội dung được cung cấp bởi Alex Murray and Ubuntu Security Team. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Alex Murray and Ubuntu Security Team hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

Overview

It’s release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker.io and more.

This week in Ubuntu Security Updates

58 unique CVEs addressed

[USN-5095-1] Apache Commons IO vulnerability [00:46]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • Failed to properly sanitize filenames in FileNameUtils.normalize() - should remove relative path components like ../ but if contained leading double-slashes this would fail - and the original path would be returned without alteration - so could then possibly get relative directory traversal to the parent directory depending on how this returned value was used.

[USN-5096-1] Linux kernel (OEM) vulnerabilities

[USN-5091-2] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5094-2] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5106-1] Linux kernel (OEM) vulnerabilities [01:36]

[USN-4973-2] Python vulnerability [02:18]

  • 1 CVEs addressed in Focal (20.04 LTS)
  • ipaddress with octal encoded numbers vuln previously fixed but the patch with this fix got dropped in an intervening SRU where 3.8.10 got backported to 20.04 (LP: #1928057)

[USN-5099-1] Imlib2 vulnerability [03:11]

  • 1 CVEs addressed in Focal (20.04 LTS)
  • integer overflow -> OOB read - ICO file with an excessive amount of colors declared in its color map - fixed to error out in this case

[USN-5100-1] containerd vulnerability [03:43]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • container bundles root dirs and plugins had excessive permissions - allows an unprivileged Linux user to traverse directory contents and execute programs in these dirs. If a container image was created with setuid executables then that user on the Linux host could execute these setuid binaries and gain root privileges on the host.

[USN-5101-1] MongoDB vulnerability [04:34]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • Unauthenticated client can send crafted messages to the server which specify a negative size when decompressed - an insufficient amount of memory would then get allocated and lead to a possible OOB write
  • Thanks to Heather Lemon from Sustaining Engineering team for preparing this update

[USN-5102-1] Mercurial vulnerabilities [05:10]

  • 2 CVEs addressed in Bionic (18.04 LTS)
  • Mishandled symlinks in subrepos - defeats usual path-checking logic and so could could allow an attacker to write arbitrary files to the victim’s filesystem outside the repo
  • OOB read when parsing malformed manifest entries

[USN-5097-1] LedgerSMB vulnerabilities

[USN-5098-1] bl vulnerability

[USN-5103-1] docker.io vulnerability

  • 1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • docker cp - could craft a container image that would result in docker cp making changes to existing files on the host filesystem - doesn’t actually allow to read/modify or execute files on the host but could make them readable/change perms etc and expose info on the host

[USN-5104-1] Squid vulnerability

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)

[USN-5105-1] Bottle vulnerability

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)

[USN-5022-3] MySQL vulnerabilities

[USN-5107-1] Firefox vulnerabilities [06:47]

[USN-5108-1] libntlm vulnerability [07:32]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • stack buffer OOB read when handling a crafted NTLM request since used a fixed size buffer in various functions - fixed to truncate size to fit within the buffer if too big to avoid overflowing the buffer

[USN-5078-3] Squashfs-Tools vulnerability [07:54]

  • 1 CVEs addressed in Focal (20.04 LTS), Hirsute (21.04)
  • Original backport of patch contained an error and so failed to work for squashfs 2.x filesystems - would fail to actually sort entries as expected - thanks to Salvatore Bonaccorso from the Debian security team for bringing this to our attention

Goings on in Ubuntu Security Community

Ubuntu 21.10 (Impish Indri) released [09:08]

Hiring [13:12]

Security Product Manager

Get in contact

  continue reading

231 tập

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development
Artwork

Episode 134

Ubuntu Security Podcast

138 subscribers

published

Nghe Đang phát
iconChia sẻ
 
MP3Trang chủ episode
Manage episode 304642062 series 2423058
Nội dung được cung cấp bởi Alex Murray and Ubuntu Security Team. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Alex Murray and Ubuntu Security Team hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

Overview

It’s release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker.io and more.

This week in Ubuntu Security Updates

58 unique CVEs addressed

[USN-5095-1] Apache Commons IO vulnerability [00:46]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • Failed to properly sanitize filenames in FileNameUtils.normalize() - should remove relative path components like ../ but if contained leading double-slashes this would fail - and the original path would be returned without alteration - so could then possibly get relative directory traversal to the parent directory depending on how this returned value was used.

[USN-5096-1] Linux kernel (OEM) vulnerabilities

[USN-5091-2] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5094-2] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5106-1] Linux kernel (OEM) vulnerabilities [01:36]

[USN-4973-2] Python vulnerability [02:18]

  • 1 CVEs addressed in Focal (20.04 LTS)
  • ipaddress with octal encoded numbers vuln previously fixed but the patch with this fix got dropped in an intervening SRU where 3.8.10 got backported to 20.04 (LP: #1928057)

[USN-5099-1] Imlib2 vulnerability [03:11]

  • 1 CVEs addressed in Focal (20.04 LTS)
  • integer overflow -> OOB read - ICO file with an excessive amount of colors declared in its color map - fixed to error out in this case

[USN-5100-1] containerd vulnerability [03:43]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • container bundles root dirs and plugins had excessive permissions - allows an unprivileged Linux user to traverse directory contents and execute programs in these dirs. If a container image was created with setuid executables then that user on the Linux host could execute these setuid binaries and gain root privileges on the host.

[USN-5101-1] MongoDB vulnerability [04:34]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • Unauthenticated client can send crafted messages to the server which specify a negative size when decompressed - an insufficient amount of memory would then get allocated and lead to a possible OOB write
  • Thanks to Heather Lemon from Sustaining Engineering team for preparing this update

[USN-5102-1] Mercurial vulnerabilities [05:10]

  • 2 CVEs addressed in Bionic (18.04 LTS)
  • Mishandled symlinks in subrepos - defeats usual path-checking logic and so could could allow an attacker to write arbitrary files to the victim’s filesystem outside the repo
  • OOB read when parsing malformed manifest entries

[USN-5097-1] LedgerSMB vulnerabilities

[USN-5098-1] bl vulnerability

[USN-5103-1] docker.io vulnerability

  • 1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • docker cp - could craft a container image that would result in docker cp making changes to existing files on the host filesystem - doesn’t actually allow to read/modify or execute files on the host but could make them readable/change perms etc and expose info on the host

[USN-5104-1] Squid vulnerability

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)

[USN-5105-1] Bottle vulnerability

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)

[USN-5022-3] MySQL vulnerabilities

[USN-5107-1] Firefox vulnerabilities [06:47]

[USN-5108-1] libntlm vulnerability [07:32]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • stack buffer OOB read when handling a crafted NTLM request since used a fixed size buffer in various functions - fixed to truncate size to fit within the buffer if too big to avoid overflowing the buffer

[USN-5078-3] Squashfs-Tools vulnerability [07:54]

  • 1 CVEs addressed in Focal (20.04 LTS), Hirsute (21.04)
  • Original backport of patch contained an error and so failed to work for squashfs 2.x filesystems - would fail to actually sort entries as expected - thanks to Salvatore Bonaccorso from the Debian security team for bringing this to our attention

Goings on in Ubuntu Security Community

Ubuntu 21.10 (Impish Indri) released [09:08]

Hiring [13:12]

Security Product Manager

Get in contact

  continue reading

231 tập

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development

Tất cả các tập

×
 
Loading …

Chào mừng bạn đến với Player FM!

Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.

 

Tương tự như Ubuntu Security Podcast

Nghe hơn 500 chủ đề
Player FM - Ứng dụng Podcast
Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
Get it on App Store Get it on Google Play

Hướng dẫn sử dụng nhanh

Podcast hàng đầu
Tạp chí thể thao
Tạp chí kinh tế
KBS WORLD Radio Tiếng Hàn qua phim ảnh
Vietnamese News - NHK WORLD RADIO JAPAN
Tạp chí tiêu điểm
The Present Writer
Tạp chí khoa học
Podcasts – Life Abroad Podcast
Player FM logo
Trợ giúp / Hỏi đáp FAQ | Nâng cấp | Advertise
Nghệ thuật|Kinh doanh|Hài kịch|Kinh tế|Giải trí|Tin tức|Chính trị|Tôn giáo
Khoa học|Bóng đá|Thể thao|Chuyện kể|Công nghệ|Tội phạm có thật
Bản quyền 2024 | Sơ đồ trang web | Chính Sách Bảo Mật | Điều khoản dịch vụ | | Bản quyền
Episode being played series thumbnail
icon icon
Tốc độ
Cài đặt series
1x
1x
Volume
100%
icon
icon icon
/

Xem Player FM trong ...
Player FM
Browser
Chrome
Safari
Firefox