Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file.
Archive for Ubuntu
Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file.
Several security issues were fixed in bzip2.
Several security issues were fixed in bzip2.
Ubuntu 4037-1: policykit-desktop-privileges update
A security improvement has been made to policykit-desktop-privileges.
Ubuntu 4036-1: OpenStack Neutron vulnerability
A system hardening measure could be bypassed.
Several security issues were fixed in Ceph.
A sandbox escape was discovered in Firefox.
Ubuntu 4031-1: Linux kernel vulnerability
64-Bit PowerPC systems could be made to expose sensitive information.
The system could be made to expose sensitive information.
Several security issues were fixed in Mosquitto.
Ubuntu 4028-1: Thunderbird vulnerabilities
Several security issues were fixed in Thunderbird.
PostgreSQL could be made to crash or run programs if it received specially crafted network traffic.
Bind could be made to crash if it received specially crafted network traffic.
Use more restrictive AppArmor policy for Evince binaries.
On May 14, fixes for CVE-2018-12126, CVE-2018-12127, CVE-2018-12130,and CVE-2019-11091 were released into the Ubuntu Xenial and Bionickernels. These CVEs are security vulnerabilities caused by flaws in thedesign of speculative execution hardware in the computer’s CPU.Researchers discovered that memory contents previously stored in [More…]
VCFTools could be made to crash if it received specially crafted input.
Ubuntu 3964-1: python-gnupg vulnerabilities
Several security issues were fixed in python-gnupg
Several security issues were fixed in PHP.
Memcached could be made to crash if it received specially crafted network traffic.
libpng be made to crash or run programs if it opened a specially crafted file.
Dovecot could be made to crash if it received specially crafted network traffic.
WavPack could be made to crash if it received a speciallycrafted file.
Evince could be made to expose sensitive information if it receiveda specially crafted file.
Several security issues were fixed in MySQL.
Ubuntu 3958-1: GStreamer Base Plugins vulnerability
GStreamer Base Plugins could be made to crash or run programs if it received specially crafted network traffic.
Bind could be made to consume resources if it received specially crafted network traffic.
tcpflow could be made to crash or expose sensitive information over the network if it opened a specially crafted file or received specially crafted network traffic.
Several security issues were fixed in PHP.
Ubuntu 3954-1: FreeRADIUS vulnerabilities
FreeRADIUS could be made to bypass authentication if it received a specially crafted input.