1.99.0
Notably, this release addresses:
USN-6859-1 OpenSSH vulnerability:
-
CVE-2024-6387:
Race condition in SIGALRM handling code
USN-6854-1 OpenSSL vulnerability:
- CVE-2022-40735:
The Diffie-Hellman Key Agreement Protocol allows use of long exponents that
arguably make certain calculations unnecessarily expensive, because the
1996 van Oorschot and Wiener paper found that "(appropriately) short
exponents" can be used when there are adequate subgroup constraints, and
these short exponents can lead to less expensive calculations than for long
exponents. This issue is different from CVE-2002-20001 because it is based
on an observation about exponent size, rather than an observation about
numbers that are not public keys. The specific situations in which
calculation expense would constitute a server-side vulnerability depend on
the protocol (e.g., TLS, SSH, or IKE) and the DHE implementation details.
In general, there might be an availability concern because of server-side
resource consumption from DHE modular-exponentiation calculations. Finally,
it is possible for an attacker to exploit this vulnerability and
CVE-2002-20001 together.
USN-6851-1 Netplan vulnerabilities:
- CVE-2022-4968:
netplan leaks the private key of wireguard to local users. A security fix
will be released soon.
USN-6852-1 Wget vulnerability:
-
CVE-2024-38428:
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo
subcomponent of a URI, and thus there may be insecure behavior in which
data that was supposed to be in the userinfo subcomponent is misinterpreted
to be part of the host subcomponent.
USN-6827-1 LibTIFF vulnerability:
- CVE-2023-3164:
A heap-buffer-overflow vulnerability was found in LibTIFF, in
extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801.
This flaw allows attackers to cause a denial of service via a crafted tiff
file.
USN-6814-1 libvpx vulnerability:
- CVE-2024-5197:
There exists interger overflows in libvpx in versions prior to
1.14.1. Calling vpx_img_alloc() with a large value of the d_w, d_h, or
align parameter may result in integer overflows in the calculations of
buffer sizes and offsets and some fields of the returned vpx_image_t struct
may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h,
or stride_align parameter may result in integer overflows in the
calculations of buffer sizes and offsets and some fields of the returned
vpx_image_t struct may be invalid. We recommend upgrading to version 1.14.1
or beyond
USN-6806-1 GDK-PixBuf vulnerability:
- CVE-2022-48622:
In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows
animated cursor) decoder encounters heap memory corruption (in
ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani file. A
crafted file could allow an attacker to overwrite heap metadata, leading to
a denial of service or code execution attack. This occurs in
gdk_pixbuf_set_option() in gdk-pixbuf.c.
USN-6805-1 libarchive vulnerability:
- CVE-2024-26256:
libarchive Remote Code Execution Vulnerability
USN-6793-1 Git vulnerabilities:
- CVE-2024-32021:
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4,
2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository
that contains symlinks via the filesystem, Git may create hardlinks to
arbitrary user-readable files on the same filesystem as the target
repository in theobjects/
directory. Cloning a local repository over the
filesystem may creating hardlinks to arbitrary user-owned files on the same
filesystem in the target Git repository'sobjects/
directory. When
cloning a repository over the filesystem (without explicitly specifying the
file://
protocol or--no-local
), the optimizations for local cloning
will be used, which include attempting to hard link the object files
instead of copying them. While the code includes checks against symbolic
links in the source repository, which were added during the fix for
CVE-2022-39253, these checks can still be raced because the hard link
operation ultimately follows symlinks. If the object on the filesystem
appears as a file during the check, and then a symlink during the
operation, this will allow the adversary to bypass the check and create
hardlinks in the destination objects directory to arbitrary, user-readable
files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4,
2.42.2, 2.41.1, 2.40.2, and 2.39.4. - CVE-2024-32020:
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4,
2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking
files into the target repository's object database when source and target
repository reside on the same disk. If the source repository is owned by a
different user, then those hardlinked files may be rewritten at any point
in time by the untrusted user. Cloning local repositories will cause Git to
either copy or hardlink files of the source repository into the target
repository. This significantly speeds up such local clones compared to
doing a "proper" clone and saves both disk space and compute time. When
cloning a repository located on the same disk that is owned by a different
user than the current user we also end up creating such hardlinks. These
files will continue to be owned and controlled by the potentially-untrusted
user and can be rewritten by them at will in the future. The problem has
been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2,
and 2.39.4. - CVE-2024-32002:
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4,
2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be
crafted in a way that exploits a bug in Git whereby it can be fooled into
writing files not into the submodule's worktree but into a.git/
directory. This allows writing a hook that will be executed while the clone
operation is still running, giving the user no opportunity to inspect the
code that is being executed. The problem has been patched in versions
2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic
link support is disabled in Git (e.g. viagit config --global core.symlinks false
), the described attack won't work. As always, it is
best to avoid cloning repositories from untrusted sources. - CVE-2024-32004:
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4,
2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local
repository in such a way that, when cloned, will execute arbitrary code
during the operation. The problem has been patched in versions 2.45.1,
2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid
cloning repositories from untrusted sources. - CVE-2024-32465:
Git is a revision control system. The Git project recommends to avoid
working in untrusted repositories, and instead to clone it first withgit clone --no-local
to obtain a clean copy. Git has specific protections to
make that a safe operation even with an untrusted source repository, but
vulnerabilities allow those protections to be bypassed. In the context of
cloning local repositories owned by other users, this vulnerability has
been covered in CVE-2024-32004. But there are circumstances where the fixes
for CVE-2024-32004 are not enough: For example, when obtaining a.zip
file containing a full copy of a Git repository, it should not be trusted
by default to be safe, as e.g. hooks could be configured to run within the
context of that repository. The problem has been patched in versions
2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a
workaround, avoid using Git in repositories that have been obtained via
archives from untrusted sources.
USN-6791-1 Unbound vulnerability:
- CVE-2024-33655:
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a
denial of service (resource consumption) by arranging for DNS queries to be
accumulated for seconds, such that responses are later sent in a pulsing
burst (which can be considered traffic amplification in some cases), aka
the "DNSBomb" issue.
-ii bind9-dnsutils 1:9.18.18-0ubuntu0.22.04.2 amd64 Clients provided with BIND 9
-ii bind9-host 1:9.18.18-0ubuntu0.22.04.2 amd64 DNS Lookup Utility
-ii bind9-libs:amd64 1:9.18.18-0ubuntu0.22.04.2 amd64 Shared Libraries used by BIND 9
+ii bind9-dnsutils 1:9.18.24-0ubuntu0.22.04.1 amd64 Clients provided with BIND 9
+ii bind9-host 1:9.18.24-0ubuntu0.22.04.1 amd64 DNS Lookup Utility
+ii bind9-libs:amd64 1:9.18.24-0ubuntu0.22.04.1 amd64 Shared Libraries used by BIND 9
-ii dnsutils 1:9.18.18-0ubuntu0.22.04.2 all Transitional package for bind9-dnsutils
+ii dnsutils 1:9.18.24-0ubuntu0.22.04.1 all Transitional package for bind9-dnsutils
-ii gdb 12.1-0ubuntu1~22.04 amd64 GNU Debugger
+ii gdb 12.1-0ubuntu1~22.04.2 amd64 GNU Debugger
-ii gir1.2-gdkpixbuf-2.0:amd64 2.42.8+dfsg-1ubuntu0.2 amd64 GDK Pixbuf library - GObject-Introspection
+ii gir1.2-gdkpixbuf-2.0:amd64 2.42.8+dfsg-1ubuntu0.3 amd64 GDK Pixbuf library - GObject-Introspection
-ii git 1:2.34.1-1ubuntu1.10 amd64 fast, scalable, distributed revision control system
-ii git-man 1:2.34.1-1ubuntu1.10 all fast, scalable, distributed revision control system (manual pages)
+ii git 1:2.34.1-1ubuntu1.11 amd64 fast, scalable, distributed revision control system
+ii git-man 1:2.34.1-1ubuntu1.11 all fast, scalable, distributed revision control system (manual pages)
-ii libarchive13:amd64 3.6.0-1ubuntu1 amd64 Multi-format archive and compression library (shared library)
+ii libarchive13:amd64 3.6.0-1ubuntu1.1 amd64 Multi-format archive and compression library (shared library)
-ii libc-bin 2.35-0ubuntu3.7 amd64 GNU C Library: Binaries
-ii libc-dev-bin 2.35-0ubuntu3.7 amd64 GNU C Library: Development binaries
-ii libc6:amd64 2.35-0ubuntu3.7 amd64 GNU C Library: Shared libraries
-ii libc6-dev:amd64 2.35-0ubuntu3.7 amd64 GNU C Library: Development Libraries and Header Files
+ii libc-bin 2.35-0ubuntu3.8 amd64 GNU C Library: Binaries
+ii libc-dev-bin 2.35-0ubuntu3.8 amd64 GNU C Library: Development binaries
+ii libc6:amd64 2.35-0ubuntu3.8 amd64 GNU C Library: Shared libraries
+ii libc6-dev:amd64 2.35-0ubuntu3.8 amd64 GNU C Library: Development Libraries and Header Files
-ii libgdk-pixbuf-2.0-0:amd64 2.42.8+dfsg-1ubuntu0.2 amd64 GDK Pixbuf library
-ii libgdk-pixbuf2.0-common 2.42.8+dfsg-1ubuntu0.2 all GDK Pixbuf library - data files
+ii libgdk-pixbuf-2.0-0:amd64 2.42.8+dfsg-1ubuntu0.3 amd64 GDK Pixbuf library
+ii libgdk-pixbuf2.0-common 2.42.8+dfsg-1ubuntu0.3 all GDK Pixbuf library - data files
-ii libmariadb-dev 1:10.6.16-0ubuntu0.22.04.1 amd64 MariaDB database development files
-ii libmariadb-dev-compat:amd64 1:10.6.16-0ubuntu0.22.04.1 amd64 MariaDB Connector/C, compatibility symlinks
-ii libmariadb3:amd64 1:10.6.16-0ubuntu0.22.04.1 amd64 MariaDB database client library
+ii libmariadb-dev 1:10.6.18-0ubuntu0.22.04.1 amd64 MariaDB database development files
+ii libmariadb-dev-compat:amd64 1:10.6.18-0ubuntu0.22.04.1 amd64 MariaDB Connector/C, compatibility symlinks
+ii libmariadb3:amd64 1:10.6.18-0ubuntu0.22.04.1 amd64 MariaDB database client library
-ii libnetplan0:amd64 0.106.1-7ubuntu0.22.04.2 amd64 YAML network configuration abstraction runtime library
+ii libnetplan0:amd64 0.106.1-7ubuntu0.22.04.4 amd64 YAML network configuration abstraction runtime library
-ii libpq-dev 14.11-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
-ii libpq5:amd64 14.11-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
+ii libpq-dev 14.12-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
+ii libpq5:amd64 14.12-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
-ii libssl-dev:amd64 3.0.2-0ubuntu1.15 amd64 Secure Sockets Layer toolkit - development files
-ii libssl3:amd64 3.0.2-0ubuntu1.15 amd64 Secure Sockets Layer toolkit - shared libraries
+ii libssl-dev:amd64 3.0.2-0ubuntu1.16 amd64 Secure Sockets Layer toolkit - development files
+ii libssl3:amd64 3.0.2-0ubuntu1.16 amd64 Secure Sockets Layer toolkit - shared libraries
-ii libtiff-dev:amd64 4.3.0-6ubuntu0.8 amd64 Tag Image File Format library (TIFF), development files
-ii libtiff5:amd64 4.3.0-6ubuntu0.8 amd64 Tag Image File Format (TIFF) library
-ii libtiffxx5:amd64 4.3.0-6ubuntu0.8 amd64 Tag Image File Format (TIFF) library -- C++ interface
+ii libtiff-dev:amd64 4.3.0-6ubuntu0.9 amd64 Tag Image File Format library (TIFF), development files
+ii libtiff5:amd64 4.3.0-6ubuntu0.9 amd64 Tag Image File Format (TIFF) library
+ii libtiffxx5:amd64 4.3.0-6ubuntu0.9 amd64 Tag Image File Format (TIFF) library -- C++ interface
-ii libunbound8:amd64 1.13.1-1ubuntu5.4 amd64 library implementing DNS resolution and validation
+ii libunbound8:amd64 1.13.1-1ubuntu5.5 amd64 library implementing DNS resolution and validation
-ii libvpx-dev:amd64 1.11.0-2ubuntu2.2 amd64 VP8 and VP9 video codec (development files)
-ii libvpx7:amd64 1.11.0-2ubuntu2.2 amd64 VP8 and VP9 video codec (shared library)
+ii libvpx-dev:amd64 1.11.0-2ubuntu2.3 amd64 VP8 and VP9 video codec (development files)
+ii libvpx7:amd64 1.11.0-2ubuntu2.3 amd64 VP8 and VP9 video codec (shared library)
-ii linux-libc-dev:amd64 5.15.0-107.117 amd64 Linux Kernel Headers for development
-ii locales 2.35-0ubuntu3.7 all GNU C Library: National Language (locale) data [support]
+ii linux-libc-dev:amd64 5.15.0-113.123 amd64 Linux Kernel Headers for development
+ii locales 2.35-0ubuntu3.8 all GNU C Library: National Language (locale) data [support]
-ii mariadb-common 1:10.6.16-0ubuntu0.22.04.1 all MariaDB common configuration files
+ii mariadb-common 1:10.6.18-0ubuntu0.22.04.1 all MariaDB common configuration files
-ii openssh-client 1:8.9p1-3ubuntu0.7 amd64 secure shell (SSH) client, for secure access to remote machines
-ii openssh-server 1:8.9p1-3ubuntu0.7 amd64 secure shell (SSH) server, for secure access from remote machines
-ii openssh-sftp-server 1:8.9p1-3ubuntu0.7 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
-ii openssl 3.0.2-0ubuntu1.15 amd64 Secure Sockets Layer toolkit - cryptographic utility
+ii openssh-client 1:8.9p1-3ubuntu0.10 amd64 secure shell (SSH) client, for secure access to remote machines
+ii openssh-server 1:8.9p1-3ubuntu0.10 amd64 secure shell (SSH) server, for secure access from remote machines
+ii openssh-sftp-server 1:8.9p1-3ubuntu0.10 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
+ii openssl 3.0.2-0ubuntu1.16 amd64 Secure Sockets Layer toolkit - cryptographic utility
-ii vim-common 2:8.2.3995-1ubuntu2.16 all Vi IMproved - Common files
-ii vim-tiny 2:8.2.3995-1ubuntu2.16 amd64 Vi IMproved - enhanced vi editor - compact version
-ii wget 1.21.2-2ubuntu1 amd64 retrieves files from the web
+ii vim-common 2:8.2.3995-1ubuntu2.17 all Vi IMproved - Common files
+ii vim-tiny 2:8.2.3995-1ubuntu2.17 amd64 Vi IMproved - enhanced vi editor - compact version
+ii wget 1.21.2-2ubuntu1.1 amd64 retrieves files from the web
-ii xxd 2:8.2.3995-1ubuntu2.16 amd64 tool to make (or reverse) a hex dump
+ii xxd 2:8.2.3995-1ubuntu2.17 amd64 tool to make (or reverse) a hex dump```