Security Team Weekly Summary: August 10, 2017
Canonical
on 10 August 2017
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.
If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com
During the last week, the Ubuntu Security team:
- Triaged 242 public security vulnerability reports, retaining the 57 that applied to Ubuntu.
- Published 13 Ubuntu Security Notices which fixed 29 security issues (CVEs) across 15 supported packages.
Ubuntu Security Notices
Bug Triage
Mainline Inclusion Requests
-
http-parser underway (LP: #1638957)
-
MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D
Updates to Community Supported Packages
-
James Lu (tacocat) provided debdiffs for xenial-zesty for gnome-exe-thumbnailer (LP: #651610)
-
Simon Quigley (tsimonq2) provided debdiffs for trusty-xenial for lxterminal (LP: #1690416)
-
Simon Quigley (tsimonq2) provided debdiffs for trusty-zesty for pcmanfm (LP: #1708542)
-
Otto Kekäläinen (otto) provided debdiffs for trusty for mariadb-5.5 (LP: #1705944)
-
Otto Kekäläinen (otto) provided debdiffs for xenial for mariadb-10.0 (LP: #1698689)
-
Otto Kekäläinen (otto) provided debdiffs for zesty for mariadb-10.1 (LP: #1698689)
-
Roger Light (ral) provided debdiffs for trusty-zesty for mosquitto (LP: #1700490)
Development
-
Updated seccomp patches submitted to LKML [PATCH v5 1/6] seccomp: Sysctl to display available actions
-
snapd policy updates interfaces/many, cmd/snap-confine: miscellaneous policy updates (#3634)
-
AppArmor updates for perl 5.26 transition in 17.10 (2.11.0-2ubuntu11, 2.11.0-2ubuntu12)
- review broadcom-asic-control interface for snapd PR
-
find reproducer for AppArmor capability logging issues and file LP: #1707743
- coordinate with Desktop team wrt snaps on 17.10 desktop
- continue wayland interface investigation, coordinate with Desktop team
- several reviews of ‘Using udev tagging for snap interfaces’ PR
- review kvm interface for snapd PR
- triage snapd-interface bugs
- several reviews of spi interface for snapd PR
-
be responsive to Debian AppArmor team with their request to make AppArmor on by default in Debian Buster
- review of avahi interface for snap reimplementation PR
What the Security Team is Reading This Week
-
Abusing Certificate Transparency Logs by Hanno Boeck
Weekly Meeting
More Info
Ubuntu cloud
Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.
Newsletter signup
Related posts
Canonical releases Ubuntu 24.04 LTS Noble Numbat
Canonical’s 10th Long Term Supported release sets a new standard in performance engineering, enterprise security and developer experience.
Ubuntu Desktop 24.04 LTS: Noble Numbat deep dive
Learn how Ubuntu Desktop 24.04 LTS is built to empower open source developers and deliver innovation for the next 12 years.
What’s new in security for Ubuntu 24.04 LTS?
We’re excited about the upcoming Ubuntu 24.04 LTS release, Noble Numbat. Like all Ubuntu releases, Ubuntu 24.04 LTS comes with 5 years of free security...