Patch Central

Third Party Patch Roundup  – May 2019

May brought stormy weather to much of the United States, with at least twenty-five “tornado events” occurring across multiple states. Luckily, the majority were considered relatively weak (F0 or F2 rating on the Fujita scale).

 

Meanwhile, IT professionals continue to weather the virtual storms of cyberattacks, malware, and data breaches, as a new report released recently reveals that there has been a 50% increased in the number of exposed data files since the same time last year.

Of course, keeping software up-to-date, especially with security patches, is one of the most important factors in preventing such incidents, but many companies, government agencies and other public and private entities have been lax in applying security fixes even when vendors make them available. For example, there  are reported to still be hundreds or maybe thousands of servers in public schools that are still vulnerable to the WannaCry SMB exploit.

Microsoft issued patches for almost 80 vulnerabilities on its regular second-Tuesday update schedule this month, and other software vendors had their share of fixes released across the last four weeks, as well. Now let’s take a look at what this month has brought us from some of them.

Apple

After only three security updates released in April, we suspected we were in for a whole slew of them in May, and Apple didn’t disappoint. They came out with ten patches, fixing a myriad of security holes across multiple products.

The following six updates were released on May 13:

  •         watchOS 5.2.1 for Apple Watch Series 1 and later       
  •         Safari 12.1.1 for macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5     
  •         Apple TV Software 7.3  for Apple TV (3rd generation)
  •         tvOS 12.3 for Apple TV 4K and Apple TV HD
  •         iOS 12.3 for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
  •         macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra for macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave

Later in the month, Apple came out with four more updates:

  •         iOS 12.3.1 for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation (May 24)
  •         iTunes 12.9.5 for Windows for Windows 7 and later (May 28)
  •         iCloud for Windows 7.12 for Windows 7 and later (May 28)
  •         AirPort Base Station Firmware Update 7.9.1 for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac (May 30)

Vulnerabilities patched by these updates span many operating system components, including the OS kernel, and include such impacts as critical arbitrary code execution issues, reading of restricted memory or of kernel memory, denial of service, modification of protected parts of the file system, access to root privileges, and more.

Vulnerability types include memory corruption, type confusion, input validation, use-after-free, out-of-bounds read, and logic issues.

For more information about the current and past patches and the vulnerabilities that they address, see the Apple Support web site at https://support.apple.com/en-us/HT201222

Adobe

Adobe released bulletins/advisories for three security updates in March, all of which came out on their usual Patch Tuesday release date, March 14th:

  •         APSB19-29 Security updates for Adobe Media Encoder on Windows and macOS – addresses a critical use-after-free file parsing vulnerability that could lead to arbitrary code execution, along with an important out-of-bounds read issue that could lead to information disclosure. Adobe assigned a priority rating of 3.
  •         APSB19-26 Security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS –  addresses a critical use-after-free vulnerability in Adobe Flash Player that could be exploited to obtain  arbitrary code execution in the context of the current user. Adobe assigned a priority rating of 2 for all operating systems, except the desktop runtime on Linux, which is rated priority 3.
  •         APSB19-18 Security update for Adobe Acrobat and Reader for Windows and macOS – addresses critical and important vulnerabilities, the successful exploitation of which could lead to arbitrary code execution in the context of the current user.  These include out-of-bounds read and write, type confusion, use-after-free, heap overflow, buffer error, double free, and security bypass issues. Adobe assigned a priority rating of 2 for all versions of Acrobat and Reader on both operating systems.

For more information, see the security bulletin summary at

https://helpx.adobe.com/security.html

Google

  •         On May 14, Google released a Chrome for Android update, but it did not contain any listed new security updates.
  •         On May 17, Google released a stable channel update 74.0.3729.159 (Platform version: 11895.118.0 / 1) for most Chrome OS devices, containing a number of security updates along with bug fixes and feature enhancements.
  •         On May 21, Google released stable channel update 74.0.3729.169 for Windows, Mac, and Linux.
  •         The Android OS security bulletin for May addresses patches for critical security updates including a Media framework vulnerability that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

For more information about Chrome updates, see https://chromereleases.googleblog.com

For more information about the vulnerabilities that are addressed by the Android updates, see https://source.android.com/security/bulletin/2018-11-01

Oracle

Oracle normally releases security updates on a quarterly cycle, in January, April, July and October.  The most recent update was released on April 15th. The next regularly scheduled critical patch update will be in July 2019.

Oracle customers can read more about this update in the executive summary on the Oracle Support site at https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html.

Mozilla

On May 21, Mozilla announced Firefox 67, which contains fixes for the following pair of critical security fixes:

  •         CVE-2019-9800: Memory safety bugs
  •         CVE-2019-9814: Memory safety bugs

Also patched were eleven high impact vulnerabilities:

CVE-2019-9815: Disable hyperthreading on content JavaScript threads on macOS

CVE-2019-9816: Type confusion with object groups and UnboxedObjects

CVE-2019-9817: Stealing of cross-domain images using canvas

CVE-2019-9818: Use-after-free in crash generation server

CVE-2019-9819: Compartment mismatch with fetch API

CVE-2019-9820: Use-after-free of ChromeEventHandler by DocShell

CVE-2019-9821: Use-after-free in AssertWorkerThread

CVE-2019-11691: Use-after-free in XMLHttpRequest

CVE-2019-11692: Use-after-free removing listeners in the event listener manager

CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux

CVE-2019-7317: Use-after-free in png_image_free of libpng library

Finally, six moderate impact and two low-impact vulnerabilities are fixed by this version:

CVE-2019-11694: Uninitialized memory memory leakage in Windows sandbox

CVE-2019-11695: Custom cursor can render over user interface outside of web content

CVE-2019-11696: Java web start .JNLP files are not recognized as executable files for download prompts

CVE-2019-11697: Pressing key combinations can bypass installation prompt delays and install extensions

CVE-2019-11698: Theft of user history data through drag and drop of hyperlinks to and from bookmarks

CVE-2019-11700: res: protocol can be used to open known local files

CVE-2019-11699: Incorrect domain name highlighting during page navigation

CVE-2019-11701: webcal: protocol default handler loads vulnerable web page

For more information about these and other vulnerabilities patched by Mozilla, see https://www.mozilla.org/en-US/security/advisories//mfsa2018-26/

Linux

Popular Linux distros, as usual, have seen a number of security advisories and updates this month. During the month of May, Ubuntu issued the following fifty-six security advisories since last month’s roundup. Some of these advisories address a large number of vulnerabilities in one advisory. In some cases, there are multiple advisories for the same vulnerabilities. Other commercial Linux vendors issued a similar number of updates.

  •         USN-4001-2: libseccomp vulnerability. USN-4001-1 fixed a vulnerability in libseccomp. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators (LT, GT, LE, GE). An attacker could use this to bypass intended access…
  •         USN-4001-1: libseccomp vulnerability. Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators (LT, GT, LE, GE). An attacker could use this to bypass intended access restrictions for argument-filtered system calls.
  •         USN-4000-1: Corosync vulnerability. It was discovered that Corosync incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
  •         USN-3999-1: GnuTLS vulnerabilities. Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the “Lucky Thirteen” issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. 30
  •         USN-3998-1: Evolution Data Server vulnerability. Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certain circumstances, this could result in displaying clear-text portions of encrypted messages as though they were encrypted.
  •         USN-3968-2: Sudo vulnerability. USN-3968-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty.
  •         USN-3996-1: GNU Screen vulnerability. Kuang-che Wu discovered that GNU Screen improperly handled certain input. An attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service or the execution of arbitrary code.
  •         USN-3997-1: Thunderbird vulnerabilities. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin protections, or execute arbitrary code.
  •         USN-3995-2: Keepalived vulnerability. USN-3995-1 fixed a vulnerability in keepalived. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service.
  •         USN-3845-2: FreeRDP vulnerabilities. USN-3845-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 18.10. Original advisory details: Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service.
  •         USN-3995-1: Keepalived vulnerability. It was discovered that Keepalived incorrectly handled certain HTTP status response codes. A remote attacker could use this issue to cause Keepalived to crash, resulting in a denial of service, or possibly execute arbitrary code.
  •         USN-3976-4: Samba vulnerability. USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets.
  •         USN-3994-1: gnome-desktop vulnerability. It was discovered that gnome-desktop incorrectly confined thumbnailers. If a user were tricked into downloading a malicious image file, a remote attacker could possibly combine this issue with another vulnerability to escape the sandbox and execute arbitrary code.
  •         USN-3976-3: Samba regression. USN-3976-1 fixed a vulnerability in Samba. The update introduced a regression causing Samba to occasionally crash. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets.
  •         USN-3957-2: MariaDB vulnerabilities. USN-3957-1 fixed multiple vulnerabilities in MySQL. This update addresses some of them in MariaDB 5.5. Ubuntu 14.04 LTS has been updated to MariaDB 5.5.64. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
  •         USN-3977-2: Intel Microcode update. USN-3977-1 provided mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities in Intel Microcode for a large number of Intel processor families. This update provides the corresponding updated microcode mitigations for Intel Cherry Trail and Bay Trail processor families.
  •         USN-3993-2: curl vulnerability. USN-3993-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that curl incorrectly handled memory when receiving data from a TFTP server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service.
  •         USN-3993-1: curl vulnerabilities. Wenchao Li discovered that curl incorrectly handled memory in the curl_url_set() function. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.
  •         USN-3992-1: WebKitGTK+ vulnerabilities. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
  •         USN-3566-2: PHP vulnerabilities. USN-3566-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information.
  •         USN-3991-1: Firefox vulnerabilities. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting (XSS) attacks.
  •         USN-3990-1: urllib3 vulnerabilities. It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10.
  •         USN-3989-1: LibRaw vulnerabilities. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.
  •         USN-3985-2: libvirt update. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3988-1: MediaInfo vulnerabilities. It was discovered that MediaInfo contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause MediaInfo to crash, resulting in a denial of service.
  •         USN-3986-1: Wireshark vulnerabilities. It was discovered that Wireshark improperly handled certain input. A remote or local attacker could cause Wireshark to crash by injecting malform packets onto the wire or convincing someone to read a malformed packet trace file.
  •         USN-3985-1: libvirt update. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3983-2: Linux kernel (Trusty HWE) vulnerabilities. USN-3983-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.
  •         USN-3981-2: Linux kernel (HWE) vulnerabilities. USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu
  •         USN-3984-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3982-2: Linux kernel (Xenial HWE) vulnerabilities. USN-3982-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 for Ubuntu 14.04 LTS.
  •         USN-3980-2: Linux kernel (HWE) vulnerabilities. USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS.
  •         USN-3981-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3983-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3982-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3980-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3979-1: Linux kernel vulnerabilities. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitecturalfill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3978-1: QEMU update. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3977-1: Intel Microcode update. Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
  •         USN-3976-2: Samba vulnerability. USN-3976-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets.
  •         USN-3976-1: Samba vulnerability. Isaac Boukris and Andrew Bartlett discovered that Samba incorrectly checked S4U2Self packets. In certain environments, a remote attacker could possibly use this issue to escalate privileges.
  •         USN-3975-1: OpenJDK vulnerabilities. It was discovered that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could use this to cause a denial of service (excessive CPU usage).
  •         USN-3974-1: VCFtools vulnerabilities. It was discovered that VCFtools improperly handled certain input. If a user was tricked into opening a crafted input file, VCFtools could be made to crash. (CVE-2018-11099, CVE-2018-11129, CVE-2018-11130).
  •         USN-3972-1: PostgreSQL vulnerabilities. It was discovered that PostgreSQL incorrectly handled partition routing. A remote user could possibly use this issue to read arbitrary bytes of server memory. This issue only affected Ubuntu 19.04. (CVE-2019-10129) Dean Rasheed discovered that PostgreSQL incorrectly handled selectivity estimators.
  •         USN-3969-2: wpa_supplicant and hostapd vulnerability. USN-3969-1 fixed a vulnerability in wpa_supplicant and hostapd. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that wpa_supplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service.
  •         USN-3956-2: Bind vulnerability. USN-3956-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources.
  •         USN-3971-1: Monit vulnerabilities. Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2019-11454) Zack Flack discovered a buffer overread when Monit decoded certain crafted URLs. An attacker could exploit this to leak potentially sensitive information.
  •         USN-3970-1: Ghostscript vulnerability. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.
  •         USN-3969-1: wpa_supplicant and hostapd vulnerability. It was discovered that wpa_supplicant and hostapd incorrectly handled unexpected fragments when using EAP-pwd. A remote attacker could possibly use this issue to cause a denial of service.
  •         USN-3967-1: FFmpeg vulnerabilities. It was discovered that FFmpeg contained multiple security issues when handling certain multimedia files. If a user were tricked into opening a crafted multimedia file, an attacker could cause a denial of service via application crash.
  •         USN-3968-1: Sudo vulnerabilities. Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands.
  •         USN-3965-1: aria2 vulnerability. Dhiraj Mishra discovered that aria2 incorrectly stored authentication information. A local attacker could possibly use this issue to obtain credentials.
  •         USN-3966-1: GNOME Shell vulnerability. It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked.
  •         USN-3964-1: python-gnupg vulnerabilities. Marcus Brinkmann discovered that GnuPG before 2.2.8 improperly handled certain command line parameters. A remote attacker could use this to spoof the output of GnuPG and cause unsigned e-mail to appear signed. (CVE-2018-12020) It was discovered that python-gnupg incorrectly handled the GPG passphrase.
  •         USN-3953-2: PHP vulnerabilities. USN-3953-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP to crash.
  •         USN-3963-1: Memcached vulnerability. It was discovered that Memcached incorrectly handled certain lru command messages. A remote attacker could possibly use this issue to cause Memcached to crash, resulting in a denial of service.