Ubuntu Security Podcast

Episode 182

12:39

Content provided by Alex Murray and Ubuntu Security Team. All podcast content, including episodes, graphics and podcast descriptions, is uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://fa.player.fm/legal

Overview

After a longer-than-expected break, the Ubuntu Security Podcast is back, covering some highlights of the various security items planned during the 23.04 development cycle, our entrance into the fediverse of Mastodon, some open positions on the team and some of the details of the various security updates from the past week.

This week in Ubuntu Security Updates

67 unique CVEs addressed

[USN-5726-1] Firefox vulnerabilities [00:45]

[LSN-0090-1] Linux kernel vulnerability [01:16]

  • 6 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS)
  • Race condition in io_uring -> UAF (from Pwn2Own 2022)
  • OOB write in netfilter - requires CAP_NET_ADMIN, but an unprivileged process can obtain that capability over a fresh network namespace simply by creating an unprivileged user namespace, and that is enough to reach the vulnerable netfilter code
    • Another example of why the Ubuntu Security team is pushing to disable the use of unprivileged user namespaces by arbitrary processes in future Ubuntu releases
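The capability grab described above, as an added example that is not part of the show notes or of any Ubuntu code: the program parses its own CapEff bitmask from /proc/self/status, creates an unprivileged user namespace together with a network namespace owned by it, and reads CapEff again, which now has CAP_NET_ADMIN (bit 12) set even though nothing ran as root. It also reads Ubuntu's distro-specific kernel.unprivileged_userns_clone sysctl and reports -1 on kernels that do not carry it. The bit index and the sysctl path are the only external facts it relies on; the CapEff parser is the deterministic part, while the unshare call needs a kernel and confinement that still permit unprivileged user namespaces.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Bit index of CAP_NET_ADMIN in the kernel capability bitmask
 * (value taken from <linux/capability.h>). */
#define CAP_NET_ADMIN_BIT 12

/* Parse the "CapEff:" line of a /proc/<pid>/status-style buffer.
 * Returns 1 if capability `bit` is set in the effective set, 0 if it is
 * clear, -1 if no CapEff line is present or its value does not parse. */
int cap_eff_has(const char *status, int bit)
{
    const char *p = strstr(status, "CapEff:");
    if (!p)
        return -1;
    p += strlen("CapEff:");
    while (*p == ' ' || *p == '\t')
        p++;
    char *end;
    errno = 0;
    unsigned long long mask = strtoull(p, &end, 16);
    if (end == p || errno != 0)
        return -1;
    return (int)((mask >> bit) & 1ULL);
}

/* Same check for the calling process, read live from /proc/self/status. */
int self_has_cap(int bit)
{
    char buf[8192];
    int fd = open("/proc/self/status", O_RDONLY | O_CLOEXEC);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    if (n <= 0)
        return -1;
    buf[n] = '\0';
    return cap_eff_has(buf, bit);
}

/* Ubuntu's distro-specific knob gating unprivileged user namespaces.
 * Returns the sysctl value (0 or 1), or -1 if the file is absent (a kernel
 * without the Ubuntu patch) or unreadable. */
int unprivileged_userns_clone(void)
{
    FILE *f = fopen("/proc/sys/kernel/unprivileged_userns_clone", "r");
    if (!f)
        return -1;
    int v = -1;
    if (fscanf(f, "%d", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

int main(void)
{
    printf("kernel.unprivileged_userns_clone = %d\n", unprivileged_userns_clone());
    printf("CAP_NET_ADMIN before unshare: %d\n", self_has_cap(CAP_NET_ADMIN_BIT));

    /* A new user namespace plus a network namespace owned by it: the creating
     * process holds the full capability set inside the new user namespace, so
     * it now has CAP_NET_ADMIN over the new netns, which is exactly what the
     * netfilter configuration paths check for. */
    if (unshare(CLONE_NEWUSER | CLONE_NEWNET) != 0) {
        perror("unshare(CLONE_NEWUSER | CLONE_NEWNET)");
        return 1;
    }
    printf("CAP_NET_ADMIN after unshare:  %d\n", self_has_cap(CAP_NET_ADMIN_BIT));
    return 0;
}
```

Run it as a normal user: on a stock Ubuntu kernel the second CAP_NET_ADMIN line prints 1. Setting kernel.unprivileged_userns_clone=0 makes the unshare call fail with EPERM for every process; the AppArmor user namespace mediation mentioned in the 23.04 roadmap section is meant to apply that restriction per-application rather than system-wide.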

Livepatch version information per release

canonical-livepatch status

Kernel type      Livepatch version(s)
aws              90.3  90.2
aws-5.15         90.3
aws-5.4          90.2
azure            90.2  90.2
azure-5.4        90.2
gcp              90.3  90.2
gcp-5.15         90.3
gcp-5.4          90.2
generic-5.4      90.2  90.2
gke              90.3  90.2
gke-5.15         90.3
gke-5.4          90.2
gkeop            90.2
gkeop-5.4        90.2
ibm              90.2  90.2
ibm-5.4          90.2
linux            90.2
lowlatency       90.2
lowlatency-5.4   90.2  90.2

Versions are listed per release column (22.04, 20.04, 18.04, in that order) for the releases in which that kernel type is offered.

[USN-5727-1] Linux kernel vulnerabilities [02:31]

[USN-5728-1] Linux kernel vulnerabilities

[USN-5729-1] Linux kernel vulnerabilities

[USN-5727-2] Linux kernel (GCP) vulnerabilities

[USN-5728-2] Linux kernel vulnerabilities

[USN-5729-2] Linux kernel vulnerabilities

[USN-5730-1] WebKitGTK vulnerabilities [02:41]

[USN-5731-1] multipath-tools vulnerabilities [03:05]

  • 2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)
  • 2 issues discovered by Qualys - one in the handling of symlinks in /dev/shm and the other in the handling of UNIX domain sockets - which can be combined with another, as yet unspecified, vulnerability in a different component installed by default on Ubuntu Server 22.04 to achieve privilege escalation to root - will be interesting to find out what this other vulnerability is
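The two bug classes named above, shown from the defensive side as an added example; this is not multipath-tools code and makes no claim about how the Qualys bugs themselves are triggered. The first half creates a private file under a world-writable directory such as /dev/shm with O_CREAT|O_EXCL|O_NOFOLLOW, so a symlink planted there in advance is refused instead of redirecting the write; the second half authenticates the other end of a UNIX domain socket with SO_PEERCRED, which the kernel fills in and a client cannot forge, before honouring a state-changing command. The command policy ("show" for anyone, everything else for root) and the scratch paths are assumptions made up for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `path` as a brand-new file owned by us. O_EXCL refuses any existing
 * entry (open(2) counts a symlink as existing) and O_NOFOLLOW refuses to
 * follow a symlink in the final component, so a link planted in a shared
 * directory like /dev/shm cannot redirect the write elsewhere.
 * Returns the fd, or -1 with errno set (EEXIST or ELOOP on a planted link). */
int open_new_private_file(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

/* Self-contained check: in a scratch directory (constructed for the example)
 * plant "state" as a symlink to "victim", then try to create "state".
 * Returns 1 if the planted link is refused while a fresh name still works,
 * 0 if the link was followed, -1 on setup failure. */
int symlink_attack_refused(void)
{
    char dir[] = "/tmp/shm-demo.XXXXXX";
    if (!mkdtemp(dir))
        return -1;
    char victim[64], link[64], fresh[64];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/state", dir);
    snprintf(fresh, sizeof fresh, "%s/fresh", dir);

    int result = -1;
    int vfd = open(victim, O_WRONLY | O_CREAT, 0600);
    if (vfd >= 0 && symlink(victim, link) == 0) {
        int fd = open_new_private_file(link);      /* attacker-planted path */
        int refused = (fd < 0 && (errno == EEXIST || errno == ELOOP));
        if (fd >= 0)
            close(fd);
        int ffd = open_new_private_file(fresh);    /* honest path */
        result = (refused && ffd >= 0) ? 1 : 0;
        if (ffd >= 0)
            close(ffd);
    }
    if (vfd >= 0)
        close(vfd);
    unlink(fresh); unlink(link); unlink(victim); rmdir(dir);
    return result;
}

/* Who is on the other end of this UNIX domain socket? SO_PEERCRED is set by
 * the kernel from the peer's credentials, not from anything in the message.
 * Returns 1 if the peer's uid is 0, 0 otherwise, -1 on error. */
int peer_is_root(int sockfd)
{
    struct ucred cred;
    socklen_t len = sizeof cred;
    if (getsockopt(sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &len) != 0)
        return -1;
    return cred.uid == 0;
}

/* Toy policy for a privileged daemon's control socket: read-only "show"
 * queries are open to any local user, everything else needs a root peer.
 * Returns 1 to allow, 0 to deny. */
int authorize_command(int peer_root, const char *cmd)
{
    if (strcmp(cmd, "show") == 0 || strncmp(cmd, "show ", 5) == 0)
        return 1;
    return peer_root == 1;
}

/* Self-contained check with a socketpair: the peer is this very process, so
 * peer_is_root must agree with our own effective uid. Returns 1 on
 * agreement, 0 on disagreement or error, -1 if no socketpair could be made. */
int peer_check_matches_self(void)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    int r = peer_is_root(sv[0]);
    close(sv[0]);
    close(sv[1]);
    if (r < 0)
        return 0;
    return r == (geteuid() == 0);
}

int main(void)
{
    printf("planted symlink refused: %d\n", symlink_attack_refused());
    printf("SO_PEERCRED agrees with geteuid(): %d\n", peer_check_matches_self());
    printf("non-root 'show maps': %d\n", authorize_command(0, "show maps"));
    printf("non-root 'reconfigure': %d\n", authorize_command(0, "reconfigure"));
    return 0;
}
```

The symlink check matters most for directories with the sticky bit, where any user can create entries but only the owner can remove them: the attacker only needs to win a name, not a race, so the open flags rather than a prior stat/lstat are what close the hole.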

[USN-5638-2] Expat vulnerabilities [03:53]

[USN-5732-1] Unbound vulnerability [04:02]

  • 1 CVE addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)

[USN-5686-2, USN-5686-3] Git vulnerabilities

[USN-5733-1] FLAC vulnerabilities

[USN-5658-3] DHCP vulnerabilities

[USN-5716-2] SQLite vulnerability

[USN-5734-1] FreeRDP vulnerabilities [04:15]

[USN-5735-1] Sysstat vulnerability

[USN-5737-1] APR-util vulnerability

  • 1 CVE addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)

Goings on in Ubuntu Security Community

23.04 Ubuntu Security roadmap [04:52]

  • Since the last podcast (Episode 181), the team has held both the 23.04 start-of-cycle product roadmap sprint and the engineering sprints in Prague (followed by the Ubuntu Summit)
  • Some of the highlights for the Ubuntu Security team’s 23.04 roadmap
    • Tabletop exercises
    • Improvements to OVAL data
    • Various AppArmor improvements including user namespace mediation across the distro, plus working with upstream kernel developers on io_uring mediation
    • Security improvements for Ubuntu Core including better integrity verification
    • Usual security and other ongoing maintenance tasks
      • CVE patching, MIR package reviews, Snap Store security reviews, FIPS maintenance and more
    • A heap of customer specific / commercially sensitive stuff too
  • Will talk more about a lot of these topics in future episodes

Hiring [08:46]

Security Engineer - Ubuntu

Linux Cryptography and Security Engineer

Ubuntu Security Manager

  • https://canonical.com/careers/4192903
  • One requisition, looking to fill multiple different manager positions - Security Maintenance, Security Certifications and Security Technologies teams

The Ubuntu Security Team is now part of the Mastodon Fediverse [10:10]

  • @ubuntusecurity@fosstodon.org
  • With all the recent drama on Twitter, decided to establish a presence on the fosstodon.org Mastodon instance as well
  • Mastodon is similar to Twitter but, instead of being a single centralised service, consists of multiple federated servers: a user on one server can follow users on other servers, and different communities can run their own servers if desired
  • Appears to be a good alternative to Twitter
  • Will operate both and try to keep the two in sync

Get in contact
