Ubuntu Wiki

Security Team Weekly Summary for 9 June 2017

The Security Team weekly reports are intended to be very short summaries of the Security Team's weekly activities.

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com

During the last week, the Ubuntu Security team:

• Triaged 191 public security vulnerability reports, retaining the 63 that applied to Ubuntu.
• Published 13 Ubuntu Security Notices which fixed 35 security issues (CVEs) across 15 supported packages.

Ubuntu Security Notices

• [USN-3306-1] libsndfile vulnerabilities

• [USN-3307-1] OpenLDAP vulnerability

• [USN-3308-1] Puppet vulnerabilities

• [USN-3309-1] Libtasn1 vulnerability

• [USN-3310-1] lintian vulnerability

• [USN-3311-1] libnl vulnerability

• [USN-3312-1] Linux kernel vulnerabilities

• [USN-3312-2] Linux kernel (Xenial HWE) vulnerabilities

• [USN-3313-1] Linux kernel vulnerability

• [USN-3313-2] Linux kernel (HWE) vulnerability

• [USN-3314-1] Linux kernel vulnerabilities

• [USN-3316-1] FreeRADIUS vulnerability

• [USN-3253-2] Nagios regression

Mainline Inclusion Requests

• xdelta3 underway (LP: #1647222)

• MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D

Bug Triage

• Backlog: https://bugs.launchpad.net/~ubuntu-security/+subscribedbugs

Updates to Community Supported Packages

• Balint Reczey (rbalint) provided debdiffs for xenial-zesty for kodi (LP: #1694249)

• Balint Reczey (rbalint) provided debdiffs for trusty-zesty for wireshark (LP: #1397091)

• Gianfranco Costamagna (LocutusOfBorg) provided debdiffs for trusty-zesty for ettercap (LP: #1695722)

Thank you!

Development

• Apparmor documentation updates

  • http://wiki.apparmor.net/index.php/AppArmorStacking

  • http://wiki.apparmor.net/index.php/AppArmorNamespaces

  • http://wiki.apparmor.net/index.php/AppArmorPolicyBasics

  • http://wiki.apparmor.net/index.php/AppArmorPolicyView

• Prepared patches to submit upstream for apparmor
• Rebased apparmor on security/next
• Review and merge eCryptfs community contributed patches:

  • ecryptfs-mount-private usability issue (LP #1449253)

  • ecryptfs-migrate-home fix for LDAP users (LP: #1630477)

  • OpenSSL 1.1.x FTBFS fixes in ecryptfs-utils (LP: #1670476)

  • ecryptfs-recover-private usability issue (LP: #1694272, LP: #1439825)

• Ubuntu Core

  • Greengrass interface PR https://github.com/snapcore/snapd/pull/3467

Weekly Meeting

• Log: https://wiki.ubuntu.com/MeetingLogs/Security/20170605

• Info: https://wiki.ubuntu.com/SecurityTeam/Meeting

More Info

• Ubuntu CVE Tracker

• Ubuntu security notices

• Follow Ubuntu Security on Twitter

• How to help improve Ubuntu security