Security Team Weekly Summary: October 12, 2017
Canonical
on 12 October 2017
Tags: livepatch , Public cloud , Security , USN
The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.
If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com
During the last week, the Ubuntu Security team:
- Triaged 238 public security vulnerability reports, retaining the 75 that applied to Ubuntu.
- Published 12 Ubuntu Security Notices which fixed 43 security issues (CVEs) across 9 supported packages.
Ubuntu Security Notices
Bug Triage
Mainline Inclusion Requests
- spice-vdagent underway
-
MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D
Updates to Community Supported Packages
- Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for git (LP: #1719740)
Development
- Reviews:
- PR 3973/cgroup freezer in support of layouts
- PR 3998/utilize new seccomp logging features
- PR 3999/add detection of stale mount namespaces for layouts
- PR 3872/preserve TMPDIR and HOSTALIASES across snap-confine invocation
- PR 3958/add support for /home on NFS
- PR 4008/create missing mountpoints in support of layouts
- submitted policy-updates-xxx PR 4002
- submitted small lttng PR 4003
- submitted small lxd PR 4004
- fscrypt 0.2.1 and 0.2.2 packaged
What the Security Team is Reading This Week
-
Experts Have Sobering Message on Human Rights, Privacy for Security Pros
-
Building and using a 29-year-old compiler on a modern system
Weekly Meeting
More Info
Ubuntu on public clouds
There is no one size fits all cloud architecture.
Developing the optimum cloud strategy requires evaluating your business needs and aligning them with the different solutions available.
Newsletter signup
Related posts
6 facts for CentOS users who are holding on
Considering migrating to Ubuntu from other Linux platforms, such as CentOS? Find six useful facts to get started!
Integrating the Ubuntu Snapshot Service into systems management and update tools
Ubuntu recently released a snapshot service to use the archive as it was at a point in history. This article explains how to integrate this into systems...
Ubuntu Explained: How to ensure security and stability in cloud instances—part 3
Applying updates across a fleet of multiple Ubuntu instances is a balance of security and service uptime. We explore best practices to maximise stability.