Episode 127


Manage episode 300334995 series 2423058
על ידי Alex Murray and Ubuntu Security Team התגלה על ידי Player FM והקהילה שלנו - זכויות היוצרים שמורות למפרסם, לא ל-Player FM, והשמע מוזרם ישירות מהשרתים שלכם. הירשמו כדי לעקוב אחר עדכונים ב-Player FM, או הדביקו את כתובת העדכונים באפליקציות פודקאסט אחרות.


This week we look at security updates for Firefox, PostgreSQL, MariaDB, HAProxy, the Linux kernel and more, plus we cover some current openings on the team - come join us ☺

This week in Ubuntu Security Updates

35 unique CVEs addressed

[USN-5037-1] Firefox vulnerabilities [00:39]

  • 10 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • 91.0
    • Better support for clearing cookies to stop possible hidden data leaks as part of the Total Cookie Protection
    • Private browsing to use attempt HTTPS by default than fallback to HTTP
    • Various security fixes:
      • race condition on DNS resolution specific to Linux -> memory corruption -> crash / RCE
      • also specific to Linux - subsequent permissions dialogs would accept input in the location of the original one - so could possibly trick a user into accepting a permission without their direct knowledge
      • various other memory corruption issues in JIT etc

[USN-3809-2] OpenSSH regression [02:54]

  • 2 CVEs addressed in Bionic (18.04 LTS)
  • Episode 11 - possible user enumeration since as a result of patching CVE-2018-15473 the behaviour when trying to log in changed depending on whether the specific user account existed or not - due to a mistake made when backporting the upstream patch

[USN-5038-1] PostgreSQL vulnerabilities [03:38]

  • 2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • 2 possible remote crasher bugs - one through just sending a crafted TLS ClientHello message -> NULL ptr deref -> crash, the other via the planner which is used to try and optimise SQL queries - possible OOB read

[USN-5022-2] MariaDB vulnerabilities [04:19]

  • 2 CVEs addressed in Focal (20.04 LTS), Hirsute (21.04)
  • Episode 124 in MySQL - only 2 of these also were relevant to MariaDB
  • Like MySQL, update to latest point release in each series - 10.5.12 for hirsute, 10.3.31 for focal - includes both bug and security fixes

[USN-5042-1] HAProxy vulnerabilities [05:07]

  • Affecting Focal (20.04 LTS), Hirsute (21.04)
  • HTTP/2 handling issues in HAProxy
  • Researchers investigated HTTP/2 handling in various gateway / proxies and found multiple issues - HTTP/2 desync attacks - allow to possibly hijack clients, poison caches, and steal credentials
  • Initially HAProxy upstream thought they were safe but then found after more analysis they were vulnerable to a few of the possible issues
    • Can be mitigated by disabling HTTP/2 or just install these updates :)

[USN-5043-1] Exiv2 vulnerabilities [06:04]

[USN-5039-1] Linux kernel vulnerability [06:49]

  • 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)
  • netfilter setsockopt()

[LSN-0080-1] Linux kernel vulnerability [07:08]

  • 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS)

[USN-5044-1] Linux kernel vulnerabilities [07:39]

[USN-5045-1] Linux kernel vulnerabilities [08:06]

[USN-5046-1] Linux kernel vulnerabilities [08:31]

Goings on in Ubuntu Security Community

Hiring [09:10]

Linux Cryptography and Security Engineer

Security Engineer - Ubuntu

Get in contact

141 פרקים