Episode 139

Ubuntu Security Podcast

Alex Murray and Ubuntu Security Team에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Alex Murray and Ubuntu Security Team 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.

2+ y ago 7:49

MP3•에피소드 홈

Overview

This week we put out a call for testing and feedback on proposed Samba updates for Ubuntu 18.04 LTS plus we look at security updates for Mailman, Thunderbird, LibreOffice, BlueZ and more.

This week in Ubuntu Security Updates

15 unique CVEs addressed

[USN-5150-1] OpenEXR vulnerability [00:39]

1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
- CVE-2021-3941
oss-fuzz -> div-by-zero with crafted image using YUV-encoded colors

[USN-5151-1] Mailman vulnerabilities [00:58]

2 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
- CVE-2021-43332
- CVE-2021-43331
Similar to vulns in last Mailman update (Episode 136)

[USN-5152-1] Thunderbird vulnerabilities [01:27]

5 CVEs addressed in Impish (21.10)
91.3.1
Usual web framework issues (HTML email etc) - one TB specific issue around the ability to force TB into full-screen via web content navigation - could then spoof usual chrome which is hidden in fullscreen and get user input unexpectedly

[USN-5153-1] LibreOffice vulnerabilities [02:23]

2 CVEs addressed in Focal (20.04 LTS)
- CVE-2021-25634
- CVE-2021-25633
2 issues around interpretation / display of details for signed documents - could inject a new timestamp and get this shown as the time the document was signed, or could cause to show incorrect details for a signed document by adding details from another certificate
Too invasive to backport for 18.04 LTS

[USN-5154-1] FreeRDP vulnerabilities [03:28]

2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
- CVE-2021-41160
- CVE-2021-41159
OOB write in client if sent malicious data from server -> crash / code-exec
if using a gateway and the RPC protocol, would fail to validate input -> malicious gateway could then corrupt client memory -> crash / code-exec

[USN-5155-1] BlueZ vulnerabilities [04:07]

3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
Would save and restore discoverable status on power down / power up - so if powered down when discoverable would power up as discoverable
UAF if gatt client disconnected during a particular write operation with dbus - so would likely need bad luck or cooperation between a local application / user and the device to trigger
Memory leak in handling of SDP devices -> DoS

Goings on in Ubuntu Security Community

Samba updates available for testing for Ubuntu 18.04 LTS [05:24]

https://discourse.ubuntu.com/t/samba-update-for-ubuntu-18-04-lts-bionic/25408
Episode 138 discussed difficulties in handling large security updates for ageing software
Backport ~700 patches (with potential regressions) or backport newer version, possibly breaking things in the process due to new features / changes in behaviour etc (plus incompatibilities with other software in Ubuntu archive)
Upstream released
Contains fixes for the most severe CVEs from the most recent updates for Samba (USN-5142-1) - CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671

Get in contact

231 에피소드

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development

Episode 139

Ubuntu Security Podcast

138 subscribers

published 2+ y ago

MP3•에피소드 홈

Overview

This week we put out a call for testing and feedback on proposed Samba updates for Ubuntu 18.04 LTS plus we look at security updates for Mailman, Thunderbird, LibreOffice, BlueZ and more.

This week in Ubuntu Security Updates

15 unique CVEs addressed

[USN-5150-1] OpenEXR vulnerability [00:39]

1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
- CVE-2021-3941
oss-fuzz -> div-by-zero with crafted image using YUV-encoded colors

[USN-5151-1] Mailman vulnerabilities [00:58]

2 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
- CVE-2021-43332
- CVE-2021-43331
Similar to vulns in last Mailman update (Episode 136)

[USN-5152-1] Thunderbird vulnerabilities [01:27]

5 CVEs addressed in Impish (21.10)
91.3.1
Usual web framework issues (HTML email etc) - one TB specific issue around the ability to force TB into full-screen via web content navigation - could then spoof usual chrome which is hidden in fullscreen and get user input unexpectedly

[USN-5153-1] LibreOffice vulnerabilities [02:23]

2 CVEs addressed in Focal (20.04 LTS)
- CVE-2021-25634
- CVE-2021-25633
2 issues around interpretation / display of details for signed documents - could inject a new timestamp and get this shown as the time the document was signed, or could cause to show incorrect details for a signed document by adding details from another certificate
Too invasive to backport for 18.04 LTS

[USN-5154-1] FreeRDP vulnerabilities [03:28]

2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
- CVE-2021-41160
- CVE-2021-41159
OOB write in client if sent malicious data from server -> crash / code-exec
if using a gateway and the RPC protocol, would fail to validate input -> malicious gateway could then corrupt client memory -> crash / code-exec

[USN-5155-1] BlueZ vulnerabilities [04:07]

3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
Would save and restore discoverable status on power down / power up - so if powered down when discoverable would power up as discoverable
UAF if gatt client disconnected during a particular write operation with dbus - so would likely need bad luck or cooperation between a local application / user and the device to trigger
Memory leak in handling of SDP devices -> DoS

Goings on in Ubuntu Security Community

Samba updates available for testing for Ubuntu 18.04 LTS [05:24]

https://discourse.ubuntu.com/t/samba-update-for-ubuntu-18-04-lts-bionic/25408
Episode 138 discussed difficulties in handling large security updates for ageing software
Backport ~700 patches (with potential regressions) or backport newer version, possibly breaking things in the process due to new features / changes in behaviour etc (plus incompatibilities with other software in Ubuntu archive)
Upstream released
Contains fixes for the most severe CVEs from the most recent updates for Samba (USN-5142-1) - CVE-2016-2124, CVE-2020-25717, CVE-2020-25722, CVE-2021-3671

Get in contact

231 에피소드

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development

모든 에피소드

플레이어 FM에 오신것을 환영합니다!

플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.

500개 이상의 주제를 청취

Ubuntu Security Podcast와 비슷한 콘텐츠

들어볼 가치가 있는 팟캐스트

Ubuntu Security Podcast « » Episode 139

Overview

This week in Ubuntu Security Updates

[USN-5150-1] OpenEXR vulnerability [00:39]

[USN-5151-1] Mailman vulnerabilities [00:58]

[USN-5152-1] Thunderbird vulnerabilities [01:27]

[USN-5153-1] LibreOffice vulnerabilities [02:23]

[USN-5154-1] FreeRDP vulnerabilities [03:28]

[USN-5155-1] BlueZ vulnerabilities [04:07]

Goings on in Ubuntu Security Community

Samba updates available for testing for Ubuntu 18.04 LTS [05:24]

Get in contact

Episode 139

Overview

This week in Ubuntu Security Updates

[USN-5150-1] OpenEXR vulnerability [00:39]

[USN-5151-1] Mailman vulnerabilities [00:58]

[USN-5152-1] Thunderbird vulnerabilities [01:27]

[USN-5153-1] LibreOffice vulnerabilities [02:23]

[USN-5154-1] FreeRDP vulnerabilities [03:28]

[USN-5155-1] BlueZ vulnerabilities [04:07]

Goings on in Ubuntu Security Community

Samba updates available for testing for Ubuntu 18.04 LTS [05:24]

Get in contact

들어볼 가치가 있는 팟캐스트

플레이어 FM에 오신것을 환영합니다!

Ubuntu Security Podcast와 비슷한 콘텐츠

빠른 참조 가이드

Ubuntu Security Podcast « »
Episode 139