Episode 108

Episode 108

Update: 2021-03-19
Share

Description

Overview


This week we start preparing for 16.04 LTS to transition to Extended
Security Maintenance, plus we look at security updates for OpenSSH, Python,
the Linux kernel and more, as well as some currently open positions on our
team.


This week in Ubuntu Security Updates


28 unique CVEs addressed


[USN-4762-1] OpenSSH vulnerability [00:54 ]



  • 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)


  • Double free in ssh-agent - so only affects openssh-client and where the
    ssh-agent socket is able to be accessed by other users etc - on moderns
    systems the socket is only accessible by the owner so would need to have
    forwarded the ssh-agent to an attacker controlled host perhaps to be
    vulnerable..


[USN-4763-1] Pillow vulnerabilities [01:50 ]



[USN-4754-3] Python vulnerabilities [02:50 ]



[USN-4764-1] GLib vulnerability [04:57 ]



  • 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)


  • g_file_replace() on a dangling symlink would also create the target of
    the symlink as an empty file (but only if did not already exist)


[USN-4876-1] Linux kernel vulnerabilities [05:49 ]



[USN-4877-1] Linux kernel vulnerabilities



[USN-4878-1] Linux kernel vulnerabilities



[USN-4879-1] Linux kernel vulnerabilities



  • 2 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)


  • 5.8

  • Marvell wifi driver buffer overflow - could be triggered by a malicious
    remote device sending a overly long ad-hoc SSID value - DoS, RCE


[USN-4880-1] OpenJPEG vulnerabilities [07:00 ]



Goings on in Ubuntu Security Community


Preparing for 16.04 ESM transition [07:35 ]



Hiring [10:17 ]


AppArmor Security Engineer



Ubuntu Security Engineer



Security Engineer - Ubuntu



Get in contact


Comments 
In Channel
Episode 115

Episode 115

2021-05-1412:44

Episode 114

Episode 114

2021-05-0612:44

Episode 113

Episode 113

2021-04-3016:28

Episode 112

Episode 112

2021-04-1614:37

Episode 111

Episode 111

2021-04-0812:10

Episode 110

Episode 110

2021-04-0113:57

Episode 109

Episode 109

2021-03-2608:16

Episode 108

Episode 108

2021-03-1911:48

Episode 107

Episode 107

2021-03-1212:04

Episode 106

Episode 106

2021-03-0414:00

Episode 105

Episode 105

2021-02-2517:03

Episode 104

Episode 104

2021-02-1914:18

Episode 103

Episode 103

2021-02-1213:14

Episode 102

Episode 102

2021-02-0512:26

Episode 101

Episode 101

2021-01-2827:25

Episode 100

Episode 100

2020-12-1117:46

Episode 99

Episode 99

2020-12-0418:35

Episode 98

Episode 98

2020-11-2713:54

Episode 97

Episode 97

2020-11-2115:11

Episode 96

Episode 96

2020-11-1307:41

loading
Download from Google Play
Download from App Store
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Episode 108

Episode 108

Ubuntu Security Team