Ubuntu Secutity Notices

ghostscript regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

USN-3831-1 introduced a regression in Ghostscript.

Software Description

• ghostscript - PostScript and PDF interpreter

Details

USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem.

Original advisory details:

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

ghostscript - 9.26~dfsg+0-0ubuntu0.18.10.3

libgs9 - 9.26~dfsg+0-0ubuntu0.18.10.3

Ubuntu 18.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.18.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.18.04.3

Ubuntu 16.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.16.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.16.04.3

Ubuntu 14.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.14.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.14.04.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-3831-1
• LP: 1806517

openssl, openssl1.0 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in OpenSSL.

Software Description

• openssl - Secure Socket Layer (SSL) cryptographic library and tools
• openssl1.0 - Secure Socket Layer (SSL) cryptographic library and tools

Details

Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)

Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)

Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as "PortSmash". An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libssl1.0.0 - 1.0.2n-1ubuntu6.1

libssl1.1 - 1.1.1-1ubuntu2.1

Ubuntu 18.04 LTS

libssl1.0.0 - 1.0.2n-1ubuntu5.2

libssl1.1 - 1.1.0g-2ubuntu4.3

Ubuntu 16.04 LTS

libssl1.0.0 - 1.0.2g-1ubuntu4.14

Ubuntu 14.04 LTS

libssl1.0.0 - 1.0.1f-1ubuntu2.27

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References

• CVE-2018-0734
• CVE-2018-0735
• CVE-2018-5407

wavpack vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in WavPack.

Software Description

• wavpack - audio codec (lossy and lossless) - encoder and decoder

Details

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19840, CVE-2018-19841)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libwavpack1 - 5.1.0-4ubuntu0.1

wavpack - 5.1.0-4ubuntu0.1

Ubuntu 18.04 LTS

libwavpack1 - 5.1.0-2ubuntu1.2

wavpack - 5.1.0-2ubuntu1.2

Ubuntu 16.04 LTS

libwavpack1 - 4.75.2-2ubuntu0.2

wavpack - 4.75.2-2ubuntu0.2

Ubuntu 14.04 LTS

libwavpack1 - 4.70.0-1ubuntu0.2

wavpack - 4.70.0-1ubuntu0.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-19840
• CVE-2018-19841

libraw vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

LibRaw could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description

• libraw - raw image decoder library

Details

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

libraw16 - 0.18.8-1ubuntu0.2

Ubuntu 16.04 LTS

libraw15 - 0.17.1-1ubuntu0.4

Ubuntu 14.04 LTS

libraw9 - 0.15.4-1ubuntu0.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References

• CVE-2018-5807
• CVE-2018-5810
• CVE-2018-5811
• CVE-2018-5812
• CVE-2018-5813
• CVE-2018-5815
• CVE-2018-5816

spamassassin vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 ESM

Summary

Several security issues were fixed in SpamAssassin.

Software Description

• spamassassin - Perl-based spam filter using text analysis

Details

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11780)

It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11781)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM

spamassassin - 3.4.2-0ubuntu0.12.04.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

• USN-3811-1
• CVE-2018-11780
• CVE-2018-11781

poppler vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in poppler.

Software Description

• poppler - PDF rendering library

Details

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060)

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-19149)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libpoppler79 - 0.68.0-0ubuntu1.2

poppler-utils - 0.68.0-0ubuntu1.2

Ubuntu 18.04 LTS

libpoppler73 - 0.62.0-2ubuntu2.4

poppler-utils - 0.62.0-2ubuntu2.4

Ubuntu 16.04 LTS

libpoppler58 - 0.41.0-0ubuntu1.9

poppler-utils - 0.41.0-0ubuntu1.9

Ubuntu 14.04 LTS

libpoppler44 - 0.24.5-2ubuntu4.13

poppler-utils - 0.24.5-2ubuntu4.13

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-16646
• CVE-2018-19058
• CVE-2018-19059
• CVE-2018-19060
• CVE-2018-19149

linux-hwe, linux-gcp vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-hwe - Linux hardware enablement (HWE) kernel

Details

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS

linux-image-4.15.0-1025-gcp - 4.15.0-1025.26~16.04.1

linux-image-4.15.0-42-generic - 4.15.0-42.45~16.04.1

linux-image-4.15.0-42-generic-lpae - 4.15.0-42.45~16.04.1

linux-image-4.15.0-42-lowlatency - 4.15.0-42.45~16.04.1

linux-image-gcp - 4.15.0.1025.39

linux-image-generic-hwe-16.04 - 4.15.0.42.63

linux-image-generic-lpae-hwe-16.04 - 4.15.0.42.63

linux-image-gke - 4.15.0.1025.39

linux-image-lowlatency-hwe-16.04 - 4.15.0.42.63

linux-image-oem - 4.15.0.42.63

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• USN-3836-1
• CVE-2018-18955
• CVE-2018-6559

linux, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux - Linux kernel
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-kvm - Linux kernel for cloud environments
• linux-raspi2 - Linux kernel for Raspberry Pi 2

Details

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

linux-image-4.15.0-1025-gcp - 4.15.0-1025.26

linux-image-4.15.0-1027-kvm - 4.15.0-1027.27

linux-image-4.15.0-1029-raspi2 - 4.15.0-1029.31

linux-image-4.15.0-42-generic - 4.15.0-42.45

linux-image-4.15.0-42-generic-lpae - 4.15.0-42.45

linux-image-4.15.0-42-lowlatency - 4.15.0-42.45

linux-image-4.15.0-42-snapdragon - 4.15.0-42.45

linux-image-gcp - 4.15.0.1025.27

linux-image-generic - 4.15.0.42.44

linux-image-generic-lpae - 4.15.0.42.44

linux-image-gke - 4.15.0.1025.27

linux-image-kvm - 4.15.0.1027.27

linux-image-lowlatency - 4.15.0.42.44

linux-image-raspi2 - 4.15.0.1029.27

linux-image-snapdragon - 4.15.0.42.44

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-18955
• CVE-2018-6559

linux, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux - Linux kernel
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-kvm - Linux kernel for cloud environments
• linux-raspi2 - Linux kernel for Raspberry Pi 2

Details

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)

Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)

It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)

Daniel Dadap discovered that the module loading implementation in the Linux kernel did not properly enforce signed module loading when booted with UEFI Secure Boot in some situations. A local privileged attacker could use this to execute untrusted code in the kernel. (CVE-2018-18653)

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

linux-image-4.18.0-1004-gcp - 4.18.0-1004.5

linux-image-4.18.0-1005-kvm - 4.18.0-1005.5

linux-image-4.18.0-1007-raspi2 - 4.18.0-1007.9

linux-image-4.18.0-12-generic - 4.18.0-12.13

linux-image-4.18.0-12-generic-lpae - 4.18.0-12.13

linux-image-4.18.0-12-lowlatency - 4.18.0-12.13

linux-image-4.18.0-12-snapdragon - 4.18.0-12.13

linux-image-gcp - 4.18.0.1004.4

linux-image-generic - 4.18.0.12.13

linux-image-generic-lpae - 4.18.0.12.13

linux-image-gke - 4.18.0.1004.4

linux-image-kvm - 4.18.0.1005.5

linux-image-lowlatency - 4.18.0.12.13

linux-image-raspi2 - 4.18.0.1007.4

linux-image-snapdragon - 4.18.0.12.13

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-17972
• CVE-2018-18281
• CVE-2018-18445
• CVE-2018-18653
• CVE-2018-18955
• CVE-2018-6559

perl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 ESM

Summary

Several security issues were fixed in Perl.

Software Description

• perl - Practical Extraction and Report Language

Details

USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM

perl - 5.14.2-6ubuntu2.9

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-3834-1
• CVE-2018-18311
• CVE-2018-18313

perl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Perl.

Software Description

• perl - Practical Extraction and Report Language

Details

Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)

Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

perl - 5.26.2-7ubuntu0.1

Ubuntu 18.04 LTS

perl - 5.26.1-6ubuntu0.3

Ubuntu 16.04 LTS

perl - 5.22.1-9ubuntu0.6

Ubuntu 14.04 LTS

perl - 5.18.2-2ubuntu1.7

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-18311
• CVE-2018-18312
• CVE-2018-18313
• CVE-2018-18314

linux-aws vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux-aws - Linux kernel for Amazon Web Services (AWS) systems

Details

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

linux-image-4.15.0-1029-aws - 4.15.0-1029.30

linux-image-aws - 4.15.0.1029.29

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-18955
• CVE-2018-6559

linux-aws vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux-aws - Linux kernel for Amazon Web Services (AWS) systems

Details

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)

Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)

It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)

Daniel Dadap discovered that the module loading implementation in the Linux kernel did not properly enforce signed module loading when booted with UEFI Secure Boot in some situations. A local privileged attacker could use this to execute untrusted code in the kernel. (CVE-2018-18653)

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

linux-image-4.18.0-1006-aws - 4.18.0-1006.7

linux-image-aws - 4.18.0.1006.6

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes. XXX MAYBE WITH XXX ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-17972
• CVE-2018-18281
• CVE-2018-18445
• CVE-2018-18653
• CVE-2018-18955
• CVE-2018-6559

libssh regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

USN-3795-1 and USN-3795-2 introduced a regression in libssh.

Software Description

• libssh - A tiny C SSH library

Details

USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem.

Original advisory details:

Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libssh-4 - 0.8.1-1ubuntu0.3

Ubuntu 18.04 LTS

libssh-4 - 0.8.0~20170825.94fa1e38-1ubuntu0.2

Ubuntu 16.04 LTS

libssh-4 - 0.6.3-4.3ubuntu0.2

Ubuntu 14.04 LTS

libssh-4 - 0.6.1-0ubuntu3.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References

• USN-3795-1
• LP: 1805348

ghostscript vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Ghostscript.

Software Description

• ghostscript - PostScript and PDF interpreter

Details

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

ghostscript - 9.26~dfsg+0-0ubuntu0.18.10.1

libgs9 - 9.26~dfsg+0-0ubuntu0.18.10.1

Ubuntu 18.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.18.04.1

libgs9 - 9.26~dfsg+0-0ubuntu0.18.04.1

Ubuntu 16.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.16.04.1

libgs9 - 9.26~dfsg+0-0ubuntu0.16.04.1

Ubuntu 14.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.14.04.1

libgs9 - 9.26~dfsg+0-0ubuntu0.14.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

• CVE-2018-19409
• CVE-2018-19475
• CVE-2018-19476
• CVE-2018-19477

openjdk-8, openjdk-lts regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS

Summary

USN-3804-1 introduced a regression in OpenJDK.

Software Description

• openjdk-lts - Open Source Java implementation
• openjdk-8 - Open Source Java implementation

Details

USN-3804-1 fixed vulnerabilities in OpenJDK. Unfortunately, that update introduced a regression when validating JAR files that prevented Java applications from finding classes in some situations. This update fixes the problem.

We apologize for the inconvenience.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

openjdk-11-jdk - 10.0.2+13-1ubuntu0.18.04.4

openjdk-11-jre - 10.0.2+13-1ubuntu0.18.04.4

openjdk-11-jre-headless - 10.0.2+13-1ubuntu0.18.04.4

Ubuntu 16.04 LTS

openjdk-8-jdk - 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre - 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre-headless - 8u191-b12-0ubuntu0.16.04.1

openjdk-8-jre-jamvm - 8u191-b12-0ubuntu0.16.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.

References

• LP: 1800792
• USN-3804-1

samba vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 ESM

Summary

Several security issues were fixed in Samba.

Software Description

• samba - SMB/CIFS file, print, and login server for Unix

Details

USN-3827-1 fixed a vulnerability in samba. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-14629)

Alex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16841)

Garming Sam discovered that Samba incorrectly handled memory when processing LDAP searches. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16851)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM

samba - 2:3.6.25-0ubuntu0.12.04.16

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-3827-1
• CVE-2018-14629
• CVE-2018-16841
• CVE-2018-16851

systemd regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.04 LTS

Summary

USN-3816-1 caused a regression in systemd-tmpfiles.

Software Description

• systemd - system and service manager

Details

USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Ubuntu inside a container on some older kernels. This issue only affected Ubuntu 16.04 LTS. In order to continue to support this configuration, the fixes for CVE-2018-6954 have been reverted.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)

Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-15687)

It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-6954)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS

systemd - 229-4ubuntu21.10

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References

• USN-3816-1
• LP: 1804847

git vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Git.

Software Description

• git - fast, scalable, distributed revision control system

Details

It was discovered that Git incorrectly handled layers of tree objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15298)

It was discovered that Git incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-19486)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

git - 1:2.19.1-1ubuntu1.1

Ubuntu 18.04 LTS

git - 1:2.17.1-1ubuntu0.4

Ubuntu 16.04 LTS

git - 1:2.7.4-0ubuntu1.6

Ubuntu 14.04 LTS

git - 1:1.9.1-1ubuntu0.10

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2017-15298
• CVE-2018-19486

webkit2gtk vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS

Summary

Several security issues were fixed in WebKitGTK+.

Software Description

• webkit2gtk - Web content engine library for GTK+

Details

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libjavascriptcoregtk-4.0-18 - 2.22.4-0ubuntu0.18.10.1

libwebkit2gtk-4.0-37 - 2.22.4-0ubuntu0.18.10.1

Ubuntu 18.04 LTS

libjavascriptcoregtk-4.0-18 - 2.22.4-0ubuntu0.18.04.1

libwebkit2gtk-4.0-37 - 2.22.4-0ubuntu0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

References

• CVE-2018-4345
• CVE-2018-4372
• CVE-2018-4386