Diff for "SecurityTeam/KnowledgeBase"

KnowledgeBase

Differences between revisions 1 and 23 (spanning 22 versions)

Ubuntu Security Team • Roadmap • Getting Involved • Knowledge Base • FAQ • Contacts

Contents

Security updates
Policies
Features
Process
Problems

Security updates

Announcements

Official Ubuntu Security Announcements
Unofficial translations of Ubuntu Security Announcements:
- French

Media coverage

Importantly, Ubuntu users should apply all security updates to their systems to be sure that their systems are secure. Sometimes vulnerabilities are highlighted by the media, so we've provided information on these vulnerabilities as part of our KnowledgeBase:

GHOST (CVE-2015-0235)

Vulnerability Resources

Update processes

Update techniques

How to prepare an updated package
How to handle backporting security updates
- schroot/sbuild setup
- virtual machine setup
How to test the update
- QA Regression Testing
- Proof of Concept (PoC)
- Build test suites (eg, 'make check')
ABI compatibility (eg, check-symbols, nm)
Checklists

Policies

Features

Feature Matrix (for all releases since Dapper, see the Historical Feature Matrix.)
Security Hardening Compiler Flags
AppArmor Profiles
Applications Built with PIE
AppArmor docs
SELinux docs

Process

Problems

DebuggingSecurity for bug reports
DebuggingApparmor for bug reports dealing with AppArmor profiles

CategorySecurityTeam

SecurityTeam/KnowledgeBase (last edited 2023-08-25 14:36:54 by rodrigo-zaiden)

-  ⇤ ← Revision 1 as of 2008-03-27 19:16:28 → 
  Size: 963
  Editor: c-76-105-157-155
  Comment:
+   ← Revision 23 as of 2015-01-27 19:43:46 → ⇥
  Size: 2969
  Editor: jdstrand
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 1:
-[[Include(SecurityTeam/Header)]]
+<<Include(SecurityTeam/Header)>>
 Line 3:
-||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position:  98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;">'''Contents'''[[BR]][[TableOfContents]]||
+||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position:  98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>||
 Line 5:
+== Security updates ==
-Line 6:
+Line 7:
+=== Announcements ===
 * Official [[https://www.ubuntu.com/usn/|Ubuntu Security Announcements]]
 * Unofficial translations of Ubuntu Security Announcements:
  * [[http://blogs.media-tips.com/bernard.opic/category/ubuntu-security-notices/|French]]
-Line 7:
+Line 12:
-{{{This page is still very much place-holder.  If you have time, please update it with more information.}}}
+=== Media coverage ===
Importantly, Ubuntu users should apply all security updates to their systems to be sure that their systems are secure. Sometimes vulnerabilities are highlighted by the media, so we've provided information on these vulnerabilities as part of our !KnowledgeBase:
 * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GHOST|GHOST (CVE-2015-0235)]]
-Line 9:
+Line 16:
+=== Vulnerability Resources ===
 * [[https://launchpad.net/ubuntu-cve-tracker|Ubuntu CVE tracker]]
 * [[http://people.canonical.com/~ubuntu-security/cve/|Ubuntu CVE Tracker]] (web view)
 * [[http://cve.mitre.org|Common Vulnerabilities and Exposures]] (CVEs)
 * [[http://nvd.nist.gov/nvd.cfm|National Vulnerabilities Database]]
 * [[http://oss-security.openwall.org|Open Source Software Security]]
-Line 10:
+Line 23:
- * security updates
  * [:SecurityUpdateProcedures: Security Update Procedures]
  * Ubuntu CVE tracker link
  * mitre
  * NVD
  * oss-security link
 * Policies (FAQ could link to Knowledge{{{}}}Base)
  * policy on local DoS
  * policy on root passwords/sudo
  * policy on open network ports
  * policy on sudo
  * policy on home directory permissions
 * AppArmor docs
 * SELinux docs
+=== Update processes ===
 * [[SecurityTeam/UpdateProcedures| Security Update Procedures]]
 * [[StableReleaseUpdates/MicroReleaseExceptions]]
 * [[StableReleaseUpdates]] (SRU)
 * [[https://help.ubuntu.com/community/UbuntuBackports|Backport Requests]]

=== Update techniques ===
 * [[https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures#Preparing%20an%20update|How to prepare an updated package]]
-Line 25:
+Line 32:
-  * good upstream patches
  * micro release
  * SRU
  * -backports
 * [:DebuggingSecurity] for bug reports
+  * [[SecurityTeam/BuildEnvironment|schroot/sbuild setup]]
  * [[SecurityTeam/TestingEnvironment|virtual machine setup]]
 * How to test the update
  * [[https://code.launchpad.net/~ubuntu-bugcontrol/qa-regression-testing/master|QA Regression Testing]]
  * Proof of Concept (PoC)
  * Build test suites (eg, 'make check')
 * ABI compatibility (eg, check-symbols, nm)
 * Checklists

== Policies ==
 * [[SecurityTeam/Policies|Ubuntu Security Policies]]
 * [[ApparmorProfileMigration|Creating enforcing AppArmor profiles policy]]

== Features ==
 * [[Security/Features|Feature Matrix]] (for all releases since Dapper, see the [[Security/Features/Historical|Historical Feature Matrix]].)
 * [[CompilerFlags|Security Hardening Compiler Flags]]
 * [[SecurityTeam/KnowledgeBase/AppArmorProfiles|AppArmor Profiles]]
 * [[SecurityTeam/KnowledgeBase/BuiltPIE|Applications Built with PIE]]
 * [[AppArmor]] docs
 * [[SELinux]] docs

== Process ==
 * [[SecurityTeam/BugTriage|Bug Triage]]
 * [[SecurityTeam/ReleaseCycle|Release Cycle Actions]]

== Problems ==
 * [[DebuggingSecurity]] for bug reports
 * [[DebuggingApparmor]] for bug reports dealing with [[AppArmor]] profiles

Ubuntu Wiki