{ "summary": { "snap": { "added": [], "removed": [], "diff": [ "core20", "snapd" ] }, "deb": { "added": [], "removed": [], "diff": [ "bsdutils", "fdisk", "klibc-utils", "libblkid1:ppc64el", "libfdisk1:ppc64el", "libgnutls30:ppc64el", "libklibc:ppc64el", "libmount1:ppc64el", "libnspr4:ppc64el", "libnss3:ppc64el", "libsmartcols1:ppc64el", "libuuid1:ppc64el", "mount", "ubuntu-advantage-tools", "ubuntu-pro-client", "ubuntu-pro-client-l10n", "util-linux", "uuid-runtime" ] } }, "diff": { "deb": [ { "name": "bsdutils", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "1:2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "1:2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "fdisk", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "klibc-utils", "from_version": { "source_package_name": "klibc", "source_package_version": "2.0.7-1ubuntu5.1", "version": "2.0.7-1ubuntu5.1" }, "to_version": { "source_package_name": "klibc", "source_package_version": "2.0.7-1ubuntu5.2", "version": "2.0.7-1ubuntu5.2" }, "cves": [ { "cve": "CVE-2016-9840", "url": "https://ubuntu.com/security/CVE-2016-9840", "cve_description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2016-9841", "url": "https://ubuntu.com/security/CVE-2016-9841", "cve_description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2018-25032", "url": "https://ubuntu.com/security/CVE-2018-25032", "cve_description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "cve_priority": "medium", "cve_public_date": "2022-03-25 09:15:00 UTC" }, { "cve": "CVE-2022-37434", "url": "https://ubuntu.com/security/CVE-2022-37434", "cve_description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "cve_priority": "medium", "cve_public_date": "2022-08-05 07:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2016-9840", "url": "https://ubuntu.com/security/CVE-2016-9840", "cve_description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2016-9841", "url": "https://ubuntu.com/security/CVE-2016-9841", "cve_description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2018-25032", "url": "https://ubuntu.com/security/CVE-2018-25032", "cve_description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "cve_priority": "medium", "cve_public_date": "2022-03-25 09:15:00 UTC" }, { "cve": "CVE-2022-37434", "url": "https://ubuntu.com/security/CVE-2022-37434", "cve_description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "cve_priority": "medium", "cve_public_date": "2022-08-05 07:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: improper pointer arithmetic", " - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization", " in usr/klibc/zlib/inftrees.c.", " - CVE-2016-9840", " * SECURITY UPDATE: improper pointer arithmetic", " - debian/patches/CVE-2016-9841.patch: remove offset pointer optimization", " in usr/klibc/zlib/inffast.c.", " - CVE-2016-9841", " * SECURITY UPDATE: memory corruption during compression", " - debian/patches/CVE-2018-25032.patch: addresses a bug that can crash", " deflate on rare inputs when using Z_FIXED.", " - CVE-2018-25032", " * SECURITY UPDATE: heap-based buffer over-read", " - debian/patches/CVE-2022-37434-1.patch: adds an extra condition to check", " if state->head->extra_max is greater than len before copying, and moves", " the len assignment to be placed before the check in", " usr/klibc/zlib/inflate.c.", " - debian/patches/CVE-2022-37434-2.patch: in the previous patch, the", " placement of the len assignment was causing issues so it was moved", " within the conditional check.", " - CVE-2022-37434", "" ], "package": "klibc", "version": "2.0.7-1ubuntu5.2", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Ian Constantin ", "date": "Sat, 13 Apr 2024 12:35:16 +0300" } ], "notes": null }, { "name": "libblkid1:ppc64el", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "libfdisk1:ppc64el", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "libgnutls30:ppc64el", "from_version": { "source_package_name": "gnutls28", "source_package_version": "3.6.13-2ubuntu1.10", "version": "3.6.13-2ubuntu1.10" }, "to_version": { "source_package_name": "gnutls28", "source_package_version": "3.6.13-2ubuntu1.11", "version": "3.6.13-2ubuntu1.11" }, "cves": [ { "cve": "CVE-2024-28834", "url": "https://ubuntu.com/security/CVE-2024-28834", "cve_description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "cve_priority": "medium", "cve_public_date": "2024-03-21 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28834", "url": "https://ubuntu.com/security/CVE-2024-28834", "cve_description": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.", "cve_priority": "medium", "cve_public_date": "2024-03-21 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: side-channel leak via Minerva attack", " - debian/patches/CVE-2024-28834.patch: avoid normalization of mpz_t in", " deterministic ECDSA in lib/nettle/int/dsa-compute-k.c,", " lib/nettle/int/dsa-compute-k.h, lib/nettle/int/ecdsa-compute-k.c,", " lib/nettle/int/ecdsa-compute-k.h, lib/nettle/pk.c,", " tests/sign-verify-deterministic.c.", " - CVE-2024-28834", "" ], "package": "gnutls28", "version": "3.6.13-2ubuntu1.11", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Fri, 12 Apr 2024 09:56:37 -0400" } ], "notes": null }, { "name": "libklibc:ppc64el", "from_version": { "source_package_name": "klibc", "source_package_version": "2.0.7-1ubuntu5.1", "version": "2.0.7-1ubuntu5.1" }, "to_version": { "source_package_name": "klibc", "source_package_version": "2.0.7-1ubuntu5.2", "version": "2.0.7-1ubuntu5.2" }, "cves": [ { "cve": "CVE-2016-9840", "url": "https://ubuntu.com/security/CVE-2016-9840", "cve_description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2016-9841", "url": "https://ubuntu.com/security/CVE-2016-9841", "cve_description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2018-25032", "url": "https://ubuntu.com/security/CVE-2018-25032", "cve_description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "cve_priority": "medium", "cve_public_date": "2022-03-25 09:15:00 UTC" }, { "cve": "CVE-2022-37434", "url": "https://ubuntu.com/security/CVE-2022-37434", "cve_description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "cve_priority": "medium", "cve_public_date": "2022-08-05 07:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2016-9840", "url": "https://ubuntu.com/security/CVE-2016-9840", "cve_description": "inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2016-9841", "url": "https://ubuntu.com/security/CVE-2016-9841", "cve_description": "inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" }, { "cve": "CVE-2018-25032", "url": "https://ubuntu.com/security/CVE-2018-25032", "cve_description": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", "cve_priority": "medium", "cve_public_date": "2022-03-25 09:15:00 UTC" }, { "cve": "CVE-2022-37434", "url": "https://ubuntu.com/security/CVE-2022-37434", "cve_description": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).", "cve_priority": "medium", "cve_public_date": "2022-08-05 07:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: improper pointer arithmetic", " - debian/patches/CVE-2016-9840.patch: remove offset pointer optimization", " in usr/klibc/zlib/inftrees.c.", " - CVE-2016-9840", " * SECURITY UPDATE: improper pointer arithmetic", " - debian/patches/CVE-2016-9841.patch: remove offset pointer optimization", " in usr/klibc/zlib/inffast.c.", " - CVE-2016-9841", " * SECURITY UPDATE: memory corruption during compression", " - debian/patches/CVE-2018-25032.patch: addresses a bug that can crash", " deflate on rare inputs when using Z_FIXED.", " - CVE-2018-25032", " * SECURITY UPDATE: heap-based buffer over-read", " - debian/patches/CVE-2022-37434-1.patch: adds an extra condition to check", " if state->head->extra_max is greater than len before copying, and moves", " the len assignment to be placed before the check in", " usr/klibc/zlib/inflate.c.", " - debian/patches/CVE-2022-37434-2.patch: in the previous patch, the", " placement of the len assignment was causing issues so it was moved", " within the conditional check.", " - CVE-2022-37434", "" ], "package": "klibc", "version": "2.0.7-1ubuntu5.2", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Ian Constantin ", "date": "Sat, 13 Apr 2024 12:35:16 +0300" } ], "notes": null }, { "name": "libmount1:ppc64el", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "libnspr4:ppc64el", "from_version": { "source_package_name": "nspr", "source_package_version": "2:4.25-1", "version": "2:4.25-1" }, "to_version": { "source_package_name": "nspr", "source_package_version": "2:4.35-0ubuntu0.20.04.1", "version": "2:4.35-0ubuntu0.20.04.1" }, "cves": [], "launchpad_bugs_fixed": [], "changes": [ { "cves": [], "log": [ "", " * Update to 4.35 to support nss security update.", " - debian/libnspr3.symbols: added new symbol.", "" ], "package": "nspr", "version": "2:4.35-0ubuntu0.20.04.1", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 21 Mar 2024 08:18:35 -0400" } ], "notes": null }, { "name": "libnss3:ppc64el", "from_version": { "source_package_name": "nss", "source_package_version": "2:3.49.1-1ubuntu1.9", "version": "2:3.49.1-1ubuntu1.9" }, "to_version": { "source_package_name": "nss", "source_package_version": "2:3.98-0ubuntu0.20.04.2", "version": "2:3.98-0ubuntu0.20.04.2" }, "cves": [ { "cve": "CVE-2023-4421", "url": "https://ubuntu.com/security/CVE-2023-4421", "cve_description": "The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which the NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.", "cve_priority": "medium", "cve_public_date": "2023-12-12 17:15:00 UTC" }, { "cve": "CVE-2023-5388", "url": "https://ubuntu.com/security/CVE-2023-5388", "cve_description": "NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.", "cve_priority": "medium", "cve_public_date": "2024-03-19 12:15:00 UTC" }, { "cve": "CVE-2023-6135", "url": "https://ubuntu.com/security/CVE-2023-6135", "cve_description": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.", "cve_priority": "medium", "cve_public_date": "2023-12-19 14:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2060906 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: failure to open modules (LP: #2060906)", " - debian/patches/85_security_load.patch: fix broken patch preventing", " module loading.", "" ], "package": "nss", "version": "2:3.98-0ubuntu0.20.04.2", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [ 2060906 ], "author": "Marc Deslauriers ", "date": "Thu, 11 Apr 2024 10:23:19 -0400" }, { "cves": [ { "cve": "CVE-2023-4421", "url": "https://ubuntu.com/security/CVE-2023-4421", "cve_description": "The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's key. The issue was fixed by implementing the implicit rejection algorithm, in which the NSS returns a deterministic random message in case invalid padding is detected, as proposed in the Marvin Attack paper. This vulnerability affects NSS < 3.61.", "cve_priority": "medium", "cve_public_date": "2023-12-12 17:15:00 UTC" }, { "cve": "CVE-2023-5388", "url": "https://ubuntu.com/security/CVE-2023-5388", "cve_description": "NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.", "cve_priority": "medium", "cve_public_date": "2024-03-19 12:15:00 UTC" }, { "cve": "CVE-2023-6135", "url": "https://ubuntu.com/security/CVE-2023-6135", "cve_description": "Multiple NSS NIST curves were susceptible to a side-channel attack known as \"Minerva\". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox < 121.", "cve_priority": "medium", "cve_public_date": "2023-12-19 14:15:00 UTC" } ], "log": [ "", " * Updated to upstream 3.98 to fix security issues and get a new CA", " certificate bundle.", " - CVE-2023-4421: PKCS#1 v1.5 Bleichenbacher-like attack", " - CVE-2023-5388: timing issue in RSA operations", " - CVE-2023-6135: side-channel in multiple NSS NIST curves", " * Removed patches included in new version:", " - debian/patches/set-tls1.2-as-minimum.patch", " - debian/patches/bz1608327-freebl-arm", " - debian/patches/CVE-*.patch", " * Updated patches for new version:", " - debian/patches/38_hppa.patch", " - debian/patches/85_security_load.patch", " - debian/patches/disable_fips_enabled_read.patch", " * debian/control: bump libnspr version to 2:4.34.", " * debian/libnss3.symbols: added new symbols.", "" ], "package": "nss", "version": "2:3.98-0ubuntu0.20.04.1", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 21 Mar 2024 09:44:10 -0400" } ], "notes": null }, { "name": "libsmartcols1:ppc64el", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "libuuid1:ppc64el", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "mount", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "ubuntu-advantage-tools", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2~20.04", "version": "31.2~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.2~20.04", "version": "31.2.2~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2058934, 2057937 ], "changes": [ { "cves": [], "log": [ "", " * version.py: match version from d/changelog (LP: #2058934)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.2~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2058934 ], "author": "Andreas Hasenack ", "date": "Mon, 25 Mar 2024 11:49:51 -0300" }, { "cves": [], "log": [ "", " * apt-news.service: ignore apparmor errors when starting (LP: #2057937)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.1~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2057937 ], "author": "Andreas Hasenack ", "date": "Wed, 20 Mar 2024 09:25:41 -0300" } ], "notes": null }, { "name": "ubuntu-pro-client", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2~20.04", "version": "31.2~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.2~20.04", "version": "31.2.2~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2058934, 2057937 ], "changes": [ { "cves": [], "log": [ "", " * version.py: match version from d/changelog (LP: #2058934)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.2~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2058934 ], "author": "Andreas Hasenack ", "date": "Mon, 25 Mar 2024 11:49:51 -0300" }, { "cves": [], "log": [ "", " * apt-news.service: ignore apparmor errors when starting (LP: #2057937)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.1~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2057937 ], "author": "Andreas Hasenack ", "date": "Wed, 20 Mar 2024 09:25:41 -0300" } ], "notes": null }, { "name": "ubuntu-pro-client-l10n", "from_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2~20.04", "version": "31.2~20.04" }, "to_version": { "source_package_name": "ubuntu-advantage-tools", "source_package_version": "31.2.2~20.04", "version": "31.2.2~20.04" }, "cves": [], "launchpad_bugs_fixed": [ 2058934, 2057937 ], "changes": [ { "cves": [], "log": [ "", " * version.py: match version from d/changelog (LP: #2058934)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.2~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2058934 ], "author": "Andreas Hasenack ", "date": "Mon, 25 Mar 2024 11:49:51 -0300" }, { "cves": [], "log": [ "", " * apt-news.service: ignore apparmor errors when starting (LP: #2057937)", "" ], "package": "ubuntu-advantage-tools", "version": "31.2.1~20.04", "urgency": "medium", "distributions": "focal", "launchpad_bugs_fixed": [ 2057937 ], "author": "Andreas Hasenack ", "date": "Wed, 20 Mar 2024 09:25:41 -0300" } ], "notes": null }, { "name": "util-linux", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null }, { "name": "uuid-runtime", "from_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.5", "version": "2.34-0.1ubuntu9.5" }, "to_version": { "source_package_name": "util-linux", "source_package_version": "2.34-0.1ubuntu9.6", "version": "2.34-0.1ubuntu9.6" }, "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-28085", "url": "https://ubuntu.com/security/CVE-2024-28085", "cve_description": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.", "cve_priority": "medium", "cve_public_date": "2024-03-27 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Improper neutralization of escape sequences in wall", " - debian/rules: build with --disable-use-tty-group to properly remove", " setgid bit from both wall and write.", " - CVE-2024-28085", "" ], "package": "util-linux", "version": "2.34-0.1ubuntu9.6", "urgency": "medium", "distributions": "focal-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 09 Apr 2024 11:34:13 -0400" } ], "notes": null } ], "snap": [ { "name": "core20", "from_version": { "source_package_name": null, "source_package_version": null, "version": "2183" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": "2265" } }, { "name": "snapd", "from_version": { "source_package_name": null, "source_package_version": null, "version": "21186" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": "21466" } } ] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 20.04 focal image from release image serial 20240408 to 20240416", "from_series": "focal", "to_series": "focal", "from_serial": "20240408", "to_serial": "20240416", "from_manifest_filename": "release_manifest.previous", "to_manifest_filename": "manifest.current" }