KnowledgeBase
|
Size: 3530
Comment:
|
Size: 5058
Comment: Add reference to SACK Panic KB article
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 8: | Line 8: |
| * Official [[https://www.ubuntu.com/usn/|Ubuntu Security Notices]] (USNs) | * Official [[http://www.ubuntu.com/usn/|Ubuntu Security Notices]] (USNs) |
| Line 10: | Line 10: |
| * Unofficial translations of Ubuntu Security Announcements: * [[http://blogs.media-tips.com/bernard.opic/category/ubuntu-security-notices/|French]] |
|
| Line 21: | Line 19: |
| * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/OpenSSHClientRoaming|OpenSSH Client Roaming (CVE-2016-0777, CVE-2016-0778)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/httpoxy|httpoxy CGI application vulnerability]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BlueBorne | BlueBorne bluetooth vulnerabilities (CVE-2017-1000250, CVE-2017-1000251)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown | Spectre and Meltdown vulnerabilities (CVE-2017-5753, CVE-2017-5754, and CVE-2017-5715) ]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Pop_SS | Mov/Pop SS vulnerabilities (CVE-2018-8897 and CVE-2018-1087) ]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Variant4 | Variant 4 of Side Channel issues (CVE-2018-3639)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LazyFP | Lazy FP Save/Restore (CVE-2018-3665)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BCBS | Bounds Check Bypass Store (BCBS) (CVE-2018-3693) ]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/NetSpectre | NetSpectre ]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF | L1 Terminal Fault (L1TF) (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/runC | runC / docker.io Privileged Container Escape (CVE-2019-5736)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/MDS | Microarchitectural Data Sampling (MDS) (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)]] * [[https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SACKPanic | SACK Panic (CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479)]] |
Security updates
Announcements
Official Ubuntu Security Notices (USNs)
Ubuntu security update notifications additional information
Media coverage
In order to stay secure, Ubuntu users should simply apply all Ubuntu security updates to their systems when they become available.
For some vulnerabilities that are highlighted by the media, we've provided additional information as part of our KnowledgeBase:
BlueBorne bluetooth vulnerabilities (CVE-2017-1000250, CVE-2017-1000251)
Spectre and Meltdown vulnerabilities (CVE-2017-5753, CVE-2017-5754, and CVE-2017-5715)
Mov/Pop SS vulnerabilities (CVE-2018-8897 and CVE-2018-1087)
L1 Terminal Fault (L1TF) (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646)
runC / docker.io Privileged Container Escape (CVE-2019-5736)
SACK Panic (CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479)
Vulnerability Resources
Ubuntu CVE Tracker (web view)
Update processes
StableReleaseUpdates (SRU)
Update techniques
- How to handle backporting security updates
- How to test the update
- Proof of Concept (PoC)
- Build test suites (eg, 'make check')
- ABI compatibility (eg, check-symbols, nm)
- Checklists
Policies
Features
Feature Matrix (for all releases since Dapper, see the Historical Feature Matrix.)
AppArmor docs
SELinux docs
Process
Problems
DebuggingSecurity for bug reports
DebuggingApparmor for bug reports dealing with AppArmor profiles
SecurityTeam/KnowledgeBase (last edited 2024-04-24 13:30:26 by rodrigo-zaiden)