This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Ubuntu Security Podcastに似ているもの
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Player FMアプリでオフラインにしPlayer FMう!
))
Episode 100
Manage episode 279836053 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Overview
For the last episode of 2020, we look back at the most “popular” packages on this podcast for this year as well as the biggest vulnerabilities from 2020, plus a BootHole presentation at Ubuntu Masters as well as vulnerability fixes from the past week too.
This week in Ubuntu Security Updates
21 unique CVEs addressed
[USN-4660-1] Linux kernel vulnerabilities [01:04]
- 10 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)
- Episode 99
[USN-4661-1] Snapcraft vulnerability [01:36]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)
- itszn reported via Launchpad - LD_LIBRARY_PATH as generated by snapcraft would contain an empty element - so cwd would be included - if an attacker can drop a malicious library that will be loaded by a snap (eg. libc.so) into your home dir (and since home plug is used by almost all snaps - and is autoconnected on non-Ubuntu Core systems) would allow the attacker to get code-execution in the context of any snap
- Fixed in snapcraft - as part of the snap USN notification service - notified all affected snap publishers just need to rebuild their snaps and users will get protected via snap refresh
[USN-4656-2] X.Org X Server vulnerabilities [04:20]
- 2 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 99
[USN-4662-1] OpenSSL vulnerability [04:34]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- NULL pointer dereference when comparing two GENERAL_NAMEs with an EDIPARTYNAME - so if an attacker can cause this they can cause a crash -> DoS in any application which uses openssl for TLS handling etc - this can be done if an attacker can get a client to check a malicious cert against a malicious CRL - and since some apps auto-download CRLs based on URLs presented in the cert itself this is not an unreasonable scenario - hence high priority as the attack complexity is not high in this case
[USN-4663-1] GDK-PixBuf vulnerability [05:53]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- infinite loop when handling crafted LZW compression code in gifs -> DoS
[USN-4664-1] Aptdaemon vulnerabilities [06:31]
- 2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Kevin Backhouse from Github reported via Launchpad
- aptdaemon provides dbus API for installing packages - provides an InstallFile method to install a local .deb - and uses policykit to ensure that unprivileged users cannot use this to install packages - however, that check only occurs after the deb has been parsed - so if there were vulns in the parsing (which is provided by apt itself) - since aptd runs as root could use these to get RCE - fixed by moving auth checks to occur before parsing anything
[USN-4665-1] curl vulnerabilities [08:32]
- 4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Various issues:
- memory leak in handling of FTP wildcard matchings -> DoS
- failure to properly validate OCSP responses
- incorrect handling of CONNECT_ONLY option -> could end up connecting to wrong host -> info leak
- incorrect handling of FTP PASV responses - server can respond with alternate IP address + port to connect to -> could then trick clients into doing port-scanning on their behalf or other info gathering etc
Goings on in Ubuntu Security Community
Look back over 2020 of the Ubuntu Security Podcast
Top 20 most featured packages [10:09]
- 81 Linux kernel
- 16 Firefox
- 7 PHP
- 6 Thunderbird
- 6 Samba
- 6 NSS
- 6 Django
- 5 WebKitGTK+
- 5 Tomcat
- 5 Squid
- 5 QEMU
- 5 OpenLDAP
- 5 MySQL
- 5 ClamAV
- 4 X.Org X Server
- 4 SQLite
- 4 Python
- 4 ppp
- 4 OpenSSL
- 4 OpenJDK
Most high profile vulnerabilities [12:53]
- PLATYPUS attack against Intel CPUs (Episode 96)
- BleedingTooth attack against bluez (Episode 93)
- FreeType being exploited in the wild (Episode 93)
- BootHole attack against GRUB2 (Episode 84)
Ubuntu Masters 4 - Together We Sink or Swim: Plugging the BootHole [14:12]
- https://www.brighttalk.com/webcast/6793/453235
- Chris Coulson + Daniel Kiper (Oracle, upstream grub maintainer) + Jesse Michael (Eclypsium, discovered original BootHole vuln)
- Earlier today / yesterday
Hiring [15:58]
AppArmor Security Engineer
Engineering Director - Ubuntu Security
Engineering Manager - Ubuntu Security
Get in contact
230 つのエピソード
シェア
Manage episode 279836053 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Overview
For the last episode of 2020, we look back at the most “popular” packages on this podcast for this year as well as the biggest vulnerabilities from 2020, plus a BootHole presentation at Ubuntu Masters as well as vulnerability fixes from the past week too.
This week in Ubuntu Security Updates
21 unique CVEs addressed
[USN-4660-1] Linux kernel vulnerabilities [01:04]
- 10 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)
- Episode 99
[USN-4661-1] Snapcraft vulnerability [01:36]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)
- itszn reported via Launchpad - LD_LIBRARY_PATH as generated by snapcraft would contain an empty element - so cwd would be included - if an attacker can drop a malicious library that will be loaded by a snap (eg. libc.so) into your home dir (and since home plug is used by almost all snaps - and is autoconnected on non-Ubuntu Core systems) would allow the attacker to get code-execution in the context of any snap
- Fixed in snapcraft - as part of the snap USN notification service - notified all affected snap publishers just need to rebuild their snaps and users will get protected via snap refresh
[USN-4656-2] X.Org X Server vulnerabilities [04:20]
- 2 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 99
[USN-4662-1] OpenSSL vulnerability [04:34]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- NULL pointer dereference when comparing two GENERAL_NAMEs with an EDIPARTYNAME - so if an attacker can cause this they can cause a crash -> DoS in any application which uses openssl for TLS handling etc - this can be done if an attacker can get a client to check a malicious cert against a malicious CRL - and since some apps auto-download CRLs based on URLs presented in the cert itself this is not an unreasonable scenario - hence high priority as the attack complexity is not high in this case
[USN-4663-1] GDK-PixBuf vulnerability [05:53]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- infinite loop when handling crafted LZW compression code in gifs -> DoS
[USN-4664-1] Aptdaemon vulnerabilities [06:31]
- 2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Kevin Backhouse from Github reported via Launchpad
- aptdaemon provides dbus API for installing packages - provides an InstallFile method to install a local .deb - and uses policykit to ensure that unprivileged users cannot use this to install packages - however, that check only occurs after the deb has been parsed - so if there were vulns in the parsing (which is provided by apt itself) - since aptd runs as root could use these to get RCE - fixed by moving auth checks to occur before parsing anything
[USN-4665-1] curl vulnerabilities [08:32]
- 4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Various issues:
- memory leak in handling of FTP wildcard matchings -> DoS
- failure to properly validate OCSP responses
- incorrect handling of CONNECT_ONLY option -> could end up connecting to wrong host -> info leak
- incorrect handling of FTP PASV responses - server can respond with alternate IP address + port to connect to -> could then trick clients into doing port-scanning on their behalf or other info gathering etc
Goings on in Ubuntu Security Community
Look back over 2020 of the Ubuntu Security Podcast
Top 20 most featured packages [10:09]
- 81 Linux kernel
- 16 Firefox
- 7 PHP
- 6 Thunderbird
- 6 Samba
- 6 NSS
- 6 Django
- 5 WebKitGTK+
- 5 Tomcat
- 5 Squid
- 5 QEMU
- 5 OpenLDAP
- 5 MySQL
- 5 ClamAV
- 4 X.Org X Server
- 4 SQLite
- 4 Python
- 4 ppp
- 4 OpenSSL
- 4 OpenJDK
Most high profile vulnerabilities [12:53]
- PLATYPUS attack against Intel CPUs (Episode 96)
- BleedingTooth attack against bluez (Episode 93)
- FreeType being exploited in the wild (Episode 93)
- BootHole attack against GRUB2 (Episode 84)
Ubuntu Masters 4 - Together We Sink or Swim: Plugging the BootHole [14:12]
- https://www.brighttalk.com/webcast/6793/453235
- Chris Coulson + Daniel Kiper (Oracle, upstream grub maintainer) + Jesse Michael (Eclypsium, discovered original BootHole vuln)
- Earlier today / yesterday
Hiring [15:58]
AppArmor Security Engineer
Engineering Director - Ubuntu Security
Engineering Manager - Ubuntu Security
Get in contact
230 つのエピソード
すべてのエピソード
×
プレーヤーFMへようこそ!
Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。
Ubuntu Security Podcastに似ているもの
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Player FMアプリでオフラインにしPlayer FMう!
