CVE-2015-1327
The Content Hub DBUS API before version 0.0+15.04.20150331-0ubuntu1.0 only requires a file path for a content item; it doesn’t actually require that the confined app have access to the file to create a transfer. This could...
In python-dbusmock before version 0.15.1, the AddTemplate() D-Bus method call or the DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file. Date published : 2019-04-22 https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2. Date published : 2019-04-22 https://launchpad.net/maas/+milestone/1.9.2
Juju Core’s Joyent provider before version 1.25.5 uploads the user’s private ssh key. Date published : 2019-04-22 http://bazaar.launchpad.net/~juju-core/juju-core/trunk/revision/4119
The Snapweb interface before version 0.21.2 was exposing controls to install or remove snap packages without controlling the identity of the user, nor the origin of the connection. An attacker could have used the...
A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. Date published : 2019-04-22 https://git.launchpad.net/oxide/commit/?id=29014da83e5fc358d6bff0f574e9ed45e61a35ac
In all versions of AppArmor, mount rules are accidentally widened when compiled. Date published : 2019-04-22 https://bugs.launchpad.net/apparmor/+bug/1597017 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
In all versions of Unity8, a running but not active application on a large-screen device could talk with Maliit and consume keyboard input. Date published : 2019-04-22 https://bazaar.launchpad.net/~mir-team/qtmir/trunk/revision/521
UDM provides support for running commands after a download is completed; this is currently used for click package installation. This functionality was not restricted to unconfined applications. Before UDM version 1.2+16.04.20160408-0ubuntu1 any...
In versions of Unity8 before 8.11+16.04.20160122-0ubuntu1, the file plugins/Dash/CardCreator.js will execute any code found in place of a fallback image supplied by a scope. Date published : 2019-04-22 https://bazaar.launchpad.net/~unity-team/unity8/stable/revision/2138
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security firewall login page is vulnerable to Reflected XSS...
A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission...
In various firmware versions of Lenovo System x, the integrated management module II (IMM2)’s first failure data capture (FFDC) includes the web server’s private key in the generated log file for support. Date published...
A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service. Date published : 2019-04-22...