Content provided by Alex Murray and Ubuntu Security Team. All podcast content, including episodes, graphics and podcast descriptions, is uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://fa.player.fm/legal
Episode 191

14:23
 

Overview

This week saw the unexpected release of Ubuntu 20.04.6 so we go into the detail behind that, plus we talk Everything Open and we cover security updates including Emacs, LibreCAD, Python, vim and more.

This week in Ubuntu Security Updates

82 unique CVEs addressed

[USN-5955-1] Emacs vulnerability [00:50]

  • 1 CVE addressed in Xenial ESM (16.04 ESM)
  • The htmlfontify package tries to validate whether a given file is text by calling file on it, but fails to escape the filename - so if a user could be tricked into running htmlfontify-copy-and-link-dir on a crafted directory, an attacker could get code execution in the context of Emacs
  • Unlikely to be an issue in practice; there also don't appear to be any users of this function on GitHub (other than references to the documentation for it)

[USN-5956-1, USN-5956-2] PHPMailer vulnerabilities [02:03]

[USN-5957-1] LibreCAD vulnerabilities [02:58]

[USN-5855-2] ImageMagick vulnerabilities [03:37]

[USN-5958-1] FFmpeg vulnerabilities [03:45]

[USN-5954-1] Firefox vulnerabilities [03:59]

[USN-5961-1] abcm2ps vulnerabilities

[USN-5962-1] Linux kernel (Intel IoTG) vulnerabilities [04:47]

[USN-5959-1] Kerberos vulnerabilities [05:32]

  • 2 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
  • NULL ptr derefs -> crash in kerberos daemon -> DoS

[USN-5960-1] Python vulnerability [05:51]

  • 1 CVE addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)
  • Possible to bypass blocklists built on urllib.parse simply by prefixing the URL with a space - blocklisting is not part of upstream functionality but is often implemented in application / library logic by first using urlparse() to parse the given URL - if the URL is prefixed with a space, urlparse() fails to return the correct scheme/hostname - can work around this simply by first calling strip() on the URL - apparently upstream is still discussing whether the current fix is sufficient, so watch this space
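The blocklist pattern described above, next to a version that applies the strip() workaround and fails closed when the parser returns no scheme or host. This is an added example, not code from the podcast notes or from Python upstream; the function names, blocked schemes and hostnames are assumptions made up for illustration.

```python
from urllib.parse import urlparse

# Constructed sample policy (hypothetical values for this example).
BLOCKED_SCHEMES = {"file", "ftp"}
BLOCKED_HOSTS = {"internal.example"}


def naive_is_blocked(url):
    """Blocklist check as it is commonly written: parse, then compare.

    On an interpreter without the fix, a URL with a leading space parses
    with an empty scheme and no hostname, so nothing matches the
    blocklist and the URL is let through. On a fixed interpreter the
    leading space is ignored. The result is therefore version dependent.
    """
    parts = urlparse(url)
    return parts.scheme in BLOCKED_SCHEMES or parts.hostname in BLOCKED_HOSTS


def hardened_is_blocked(url):
    """Same policy, independent of the interpreter's parsing behaviour."""
    parts = urlparse(url.strip())          # the workaround from the notes
    if not parts.scheme:
        return True                        # unparseable input: fail closed
    if parts.scheme in BLOCKED_SCHEMES:
        return True
    if parts.hostname is None:
        return True                        # no host to evaluate: fail closed
    return parts.hostname in BLOCKED_HOSTS


if __name__ == "__main__":
    for sample in ("https://internal.example/admin",
                   " https://internal.example/admin",
                   " file:///etc/passwd",
                   "https://ok.example/"):
        print(repr(sample), naive_is_blocked(sample), hardened_is_blocked(sample))
```

Running the script on an unpatched and a patched interpreter shows the naive column changing for the space-prefixed inputs while the hardened column stays the same.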

[USN-5963-1] Vim vulnerabilities [07:14]

[USN-5964-1] curl vulnerabilities [07:41]

  • 5 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Jammy (22.04 LTS), Kinetic (22.10)
  • various connection reuse issues - e.g. would reuse an SSH connection even if the caller had changed an SSH option - similar for FTP.
  • mishandling of ~ in SFTP could then allow access to unintended files (would expand even if not the first part of the path)

[USN-5806-3] Ruby vulnerability [08:43]

[USN-5965-1] TigerVNC vulnerability [08:53]

  • 1 CVE addressed in Focal (20.04 LTS)
  • when processing a TLS certificate, would store it internally as a certificate authority - then if the client connected to a different server, it would use that stored cert as a CA cert to validate the new server - could then allow a malicious server to impersonate other servers

[USN-5904-2] SoX regression [09:35]

Goings on in Ubuntu Security Community

Ubuntu 20.04.6 LTS Released [09:49]

Unlike previous point releases, 20.04.6 is a refresh of the amd64 installer media after recent key revocations, re-enabling their usage on Secure Boot enabled systems.

Many other security updates for additional high-impact bug fixes are also included, with a focus on maintaining stability and compatibility with Ubuntu 20.04 LTS.

  • TL;DR - recent vulnerabilities in shim and grub meant that we revoked those old versions such that they would not boot anymore if updates had been installed - so if you wanted to reinstall using the 20.04.5 media it would fail to boot. You can prove this to yourself by comparing the SBAT revocation level recorded in firmware with the .sbat section of the GRUB binary:

    $ cat /sys/firmware/efi/efivars/SbatLevelRT-605dab50-e046-4300-abb6-3dd810dd8b23
    sbat,1,2022052400
    grub,2
    $ objdump -j .sbat -s grubx64.efi
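The comparison those two commands let you do by eye, written out as an added example (not code from the podcast notes, shim or GRUB). It assumes the .sbat section has already been extracted as CSV text; the two binary samples are constructed for illustration and are not the contents of any particular Ubuntu image, while the revocation level is the one shown above.

```python
import csv

# Revocation level as shown in the notes above.
SBAT_LEVEL = "sbat,1,2022052400\ngrub,2\n"

# Constructed .sbat sections (component,generation,vendor,package,version,url).
OLD_GRUB_SBAT = ("sbat,1,SBAT Version,sbat,1,https://example.invalid/sbat\n"
                 "grub,1,Free Software Foundation,grub,2.04,https://example.invalid/grub\n")
NEW_GRUB_SBAT = ("sbat,1,SBAT Version,sbat,1,https://example.invalid/sbat\n"
                 "grub,2,Free Software Foundation,grub,2.04,https://example.invalid/grub\n")


def parse_sbat(text):
    """Map component name -> generation number from SBAT CSV text."""
    levels = {}
    for row in csv.reader(text.strip().splitlines()):
        if len(row) >= 2 and row[1].strip().isdigit():
            levels[row[0].strip()] = int(row[1])
    return levels


def read_sbat_level(path):
    """Read an SbatLevelRT efivarfs file, skipping the 4 attribute bytes."""
    with open(path, "rb") as f:
        return f.read()[4:].decode("ascii", "replace")


def revoked_components(binary_sbat, sbat_level):
    """Components in the binary whose generation is below the required level."""
    required = parse_sbat(sbat_level)
    present = parse_sbat(binary_sbat)
    return sorted(name for name, gen in present.items()
                  if name in required and gen < required[name])


if __name__ == "__main__":
    for label, section in (("old", OLD_GRUB_SBAT), ("new", NEW_GRUB_SBAT)):
        bad = revoked_components(section, SBAT_LEVEL)
        print(label, "refused, revoked:" if bad else "accepted", bad)
```

On a live system, pass the result of read_sbat_level() on the efivars path above in place of SBAT_LEVEL.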

Ubuntu Security at Everything Open 2023 [12:02]

Get in contact
