Security Team Weekly Summary: August 10, 2017
Canonical
on 10 August 2017
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.
If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com
During the last week, the Ubuntu Security team:
- Triaged 242 public security vulnerability reports, retaining the 57 that applied to Ubuntu.
- Published 13 Ubuntu Security Notices which fixed 29 security issues (CVEs) across 15 supported packages.
Ubuntu Security Notices
Bug Triage
Mainline Inclusion Requests
-
http-parser underway (LP: #1638957)
-
MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D
Updates to Community Supported Packages
-
James Lu (tacocat) provided debdiffs for xenial-zesty for gnome-exe-thumbnailer (LP: #651610)
-
Simon Quigley (tsimonq2) provided debdiffs for trusty-xenial for lxterminal (LP: #1690416)
-
Simon Quigley (tsimonq2) provided debdiffs for trusty-zesty for pcmanfm (LP: #1708542)
-
Otto Kekäläinen (otto) provided debdiffs for trusty for mariadb-5.5 (LP: #1705944)
-
Otto Kekäläinen (otto) provided debdiffs for xenial for mariadb-10.0 (LP: #1698689)
-
Otto Kekäläinen (otto) provided debdiffs for zesty for mariadb-10.1 (LP: #1698689)
-
Roger Light (ral) provided debdiffs for trusty-zesty for mosquitto (LP: #1700490)
Development
-
Updated seccomp patches submitted to LKML [PATCH v5 1/6] seccomp: Sysctl to display available actions
-
snapd policy updates interfaces/many, cmd/snap-confine: miscellaneous policy updates (#3634)
-
AppArmor updates for perl 5.26 transition in 17.10 (2.11.0-2ubuntu11, 2.11.0-2ubuntu12)
- review broadcom-asic-control interface for snapd PR
-
find reproducer for AppArmor capability logging issues and file LP: #1707743
- coordinate with Desktop team wrt snaps on 17.10 desktop
- continue wayland interface investigation, coordinate with Desktop team
- several reviews of ‘Using udev tagging for snap interfaces’ PR
- review kvm interface for snapd PR
- triage snapd-interface bugs
- several reviews of spi interface for snapd PR
-
be responsive to Debian AppArmor team with their request to make AppArmor on by default in Debian Buster
- review of avahi interface for snap reimplementation PR
What the Security Team is Reading This Week
-
Abusing Certificate Transparency Logs by Hanno Boeck
Weekly Meeting
More Info
Ubuntu cloud
Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.
Newsletter signup
Related posts
Bringing automation to open source 5G software at Ubuntu Summit 2024
In today’s massive private mobile network (PMN) market, one of the most common approaches to PMN software and infrastructure are proprietary private business...
Life at Canonical: Freyja Cooper’s perspective as a new joiner in Communications
Canonical has developed a unique onboarding process that enables new hires to quickly settle and establish themselves in our globally distributed environment....
Designing Canonical’s Figma libraries for performance and structure
How Canonical’s Design team rebuilt their Figma libraries, with practical guidelines on structure, performance, and maintenance processes.