Remote code execution flaw in Samba

By corbet The Samba 4.1.17, 4.0.25 and 3.6.25
releases
are available; they fix an unpleasant code-execution
vulnerability. See this
Red Hat security blog entry
for more information. “CVE-2015-0240
is a security flaw in the smbd file server daemon. It can be exploited by a
malicious Samba client, by sending specially-crafted packets to the Samba
server. No [authentication] is required to exploit this flaw. It can result in
remotely controlled execution of arbitrary code as root.

From: LWN

Share

Kernel prepatch 4.0-rc1

By corbet Linus has closed the merge window for this release and released 4.0-rc1 — meaning, of course, that the current
plan is to call the release “4.0”. “But nobody should
notice. Because moving to 4.0 does *not* mean that we somehow changed what
people see. It’s all just more of the same, just with smaller numbers so
that I can do releases without having to take off my socks again.

The codename has also changed to “Hurr durr I’ma sheep.”

From: LWN

Share

Ubuntu 14.04.2 LTS released + 15.04 (“Vivid Vervet”) feature freeze

By jake Ubuntu has announced the release of the second point release for its 14.04
long-term support (LTS). 14.04.2 comes with an updated kernel and X Window
stack to support more hardware, along with “security updates and
corrections for other high-impact bugs
” all on updated installation
media “so that fewer updates will need to
be downloaded after installation
“. It is available for all of the
members of the Ubuntu clan: Kubuntu, Edubuntu, Xubuntu,
Mythbuntu, Ubuntu GNOME, Lubuntu,
Ubuntu Kylin, and Ubuntu Studio.

One other note from the Ubuntu world: a feature
freeze is in effect
for 15.04 (“Vivid Vervet”), which is due in April.

From: LWN

Share

Green: Another update on the Truecrypt audit

By jake On his blog, Matthew Green gives an update on the plans to audit the TrueCrypt disk encryption tool. Green led an effort in 2013 to raise money for an audit of the TrueCrypt source code, which sort of ran aground when TrueCrypt abruptly shut down in May 2014. “It took us a while to recover from this and come up with a plan B that works within our budget and makes sense. We’re now implementing this. A few weeks ago we signed a contract with the newly formed NCC Group’s Cryptography Services practice (which grew out of iSEC, Matasano and Intrepidus Group). The project will evaluate the original Truecrypt 7.1a which serves as a baseline for the newer forks, and it will begin shortly. However to minimize price — and make your donations stretch farther — we allowed the start date to be a bit flexible, which is why we don’t have results yet.

From: LWN

Share

GDB 7.9 released

By corbet Version 7.9 of the GDB debugger is out. Changes include enhancements to
the Python scripting API, the ability to compile and inject code into the
debugged program, signal-handling improvements, and more.

From: LWN

Share

Friday’s security updates

By jake

Debian has updated libreoffice
(denial of service).

Fedora has updated cups (F20:
code execution), dbus (F20: denial of
service), and freetype (F21; F20: many vulnerabilities).

Mageia has updated cpio
(privilege escalation), kernel-linus (many
vulnerabilities, two from 2013), kernel-rt
(many vulnerabilities, two from 2013), kernel-tmb (many vulnerabilities, two
from 2013), kernel-vserver (many
vulnerabilities, two from 2013), ruby-sprockets (information disclosure), sudo (information disclosure), and tomcat (HTTP request smuggling).

openSUSE has updated tigervnc
(13.2: information leak/denial of service) and xorg-x11-server (13.2, 13.1: information
leak/denial of service).

Red Hat has updated openstack-glance (access restriction bypass).

SUSE has updated java-1_7_0-openjdk (many vulnerabilities, lots
unspecified).

Ubuntu has updated nss
(TLS certificate update).

From: LWN

Share

EFF: Lenovo is breaking HTTPS security on its recent laptops

By corbet Here is a
statement from the Electronic Frontier Foundation
on the revelation
that Lenovo has been shipping insecure man-in-the-middle malware on its
laptops. “Lenovo has not just injected ads in a wildly inappropriate
manner, but engineered a massive security catastrophe for its users. The
use of a single certificate for all of the MITM attacks means that all
HTTPS security for at least Internet Explorer, Chrome, and Safari for
Windows, on all of these Lenovo laptops, is now broken.
” For
additional amusement, see Lenovo’s
statement
on the issue.

There are a lot of Lenovo users in LWN’s audience. Presumably most of them
have long since done away with the original software, but those who might
have kept it around would be well advised to look into the issue; this site can evidently indicate
whether a machine is vulnerable or not.

From: LWN

Share

Security updates for Thursday

By jake

Debian has updated bind9 (denial
of service).

Debian-LTS has updated linux-2.6
(multiple vulnerabilities, one from 2013).

Fedora has updated drupal7-path_breadcrumbs (F21; F20:
access restriction bypass).

openSUSE has updated perl-YAML-LibYAML (13.2, 13.1: multiple
vulnerabilities, one each from 2013 and 2012) and php5 (13.2, 13.1: multiple vulnerabilities).

SUSE has updated xntp (SLE10SP4:
multiple vulnerabilities).

Ubuntu has updated bind9 (14.10,
14.04, 12.04: denial of service).

From: LWN

Share

Security advisories for Wednesday

By ris

Fedora has updated file (F21:
multiple vulnerabilities).

Gentoo has updated chromium (multiple vulnerabilities).

Mageia has updated dbus (denial of service), glibc (two vulnerabilities), kernel (multiple vulnerabilities), patch (multiple vulnerabilities), postgresql (multiple vulnerabilities), and x11-server (information leak/denial of service).

openSUSE has updated mdadm (13.2:
command injection).

Ubuntu has updated php5 (14.10,
14.04, 12.04: multiple vulnerabilities) and unzip (14.10, 14.04, 12.04: code execution).

From: LWN

Share