This repository has been archived by the owner on Mar 16, 2022. It is now read-only.

Releases: cloudfoundry/cflinuxfs2

1.264.0

07 Feb 15:10

Notably, this release addresses:

USN-3882-1: curl vulnerabilities:

-ii  curl                       7.35.0-1ubuntu2.19  amd64  command line tool for transferring data with URL syntax
+ii  curl                       7.35.0-1ubuntu2.20  amd64  command line tool for transferring data with URL syntax
-ii  libcurl3:amd64             7.35.0-1ubuntu2.19  amd64  easy-to-use client-side URL transfer library (OpenSSL flavour)
-ii  libcurl3-gnutls:amd64      7.35.0-1ubuntu2.19  amd64  easy-to-use client-side URL transfer library (GnuTLS flavour)
-ii  libcurl4-openssl-dev:amd64 7.35.0-1ubuntu2.19  amd64  development files and documentation for libcurl (OpenSSL flavour)
+ii  libcurl3:amd64             7.35.0-1ubuntu2.20  amd64  easy-to-use client-side URL transfer library (OpenSSL flavour)
+ii  libcurl3-gnutls:amd64      7.35.0-1ubuntu2.20  amd64  easy-to-use client-side URL transfer library (GnuTLS flavour)
+ii  libcurl4-openssl-dev:amd64 7.35.0-1ubuntu2.20  amd64  development files and documentation for libcurl (OpenSSL flavour)

1.263.0

07 Feb 15:09

Notably, this release addresses:

USN-3879-2: Linux kernel (Xenial HWE) vulnerabilities:

  • CVE-2018-10883: A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
  • CVE-2018-16862: A security flaw was found in the Linux kernel in the way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.
  • CVE-2018-19407: The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
  • CVE-2018-19824: In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.
  • CVE-2018-20169: An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.

1.260.0

22 Jan 17:37

Notably, this release addresses:

USN-3864-1: LibTIFF vulnerabilities:

  • CVE-2018-10963: The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.
  • CVE-2018-17100: An issue was discovered in LibTIFF 4.0.9. There is an int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.
  • CVE-2018-17101: An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.
  • CVE-2018-18557: LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
  • CVE-2018-18661: An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
  • CVE-2018-7456: A NULL pointer dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
  • CVE-2018-8905: In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.

USN-3863-1: APT vulnerability:

-ii  apt                  1.0.1ubuntu2.18   amd64  commandline package manager
-ii  apt-utils            1.0.1ubuntu2.18   amd64  package management related utility programs
+ii  apt                  1.0.1ubuntu2.19   amd64  commandline package manager
+ii  apt-utils            1.0.1ubuntu2.19   amd64  package management related utility programs
-ii  libapt-inst1.5:amd64 1.0.1ubuntu2.18   amd64  deb package format runtime library
-ii  libapt-pkg4.12:amd64 1.0.1ubuntu2.18   amd64  package management runtime library
+ii  libapt-inst1.5:amd64 1.0.1ubuntu2.19   amd64  deb package format runtime library
+ii  libapt-pkg4.12:amd64 1.0.1ubuntu2.19   amd64  package management runtime library
-ii  libtiff5:amd64       4.0.3-7ubuntu0.9  amd64  Tag Image File Format (TIFF) library
-ii  libtiff5-dev:amd64   4.0.3-7ubuntu0.9  amd64  Tag Image File Format library (TIFF), development files
-ii  libtiffxx5:amd64     4.0.3-7ubuntu0.9  amd64  Tag Image File Format (TIFF) library -- C++ interface
+ii  libtiff5:amd64       4.0.3-7ubuntu0.10 amd64  Tag Image File Format (TIFF) library
+ii  libtiff5-dev:amd64   4.0.3-7ubuntu0.10 amd64  Tag Image File Format library (TIFF), development files
+ii  libtiffxx5:amd64     4.0.3-7ubuntu0.10 amd64  Tag Image File Format (TIFF) library -- C++ interface

1.259.0

16 Jan 16:01

Notably, this release addresses:

USN-3859-1: libarchive vulnerabilities:

  • CVE-2017-14502: read_header in archive_read_support_format_rar.c in libarchive 3.3.2 suffers from an off-by-one error for UTF-16 names in RAR archives, leading to an out-of-bounds read in archive_read_format_rar_read_header.
  • CVE-2018-1000877: libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in the RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 - that can result in Crash/DoS. This attack appears to be exploitable when the victim opens a specially crafted RAR archive.
  • CVE-2018-1000878: libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in the RAR decoder - libarchive/archive_read_support_format_rar.c - that can result in Crash/DoS; it is unknown if RCE is possible. This attack appears to be exploitable when the victim opens a specially crafted RAR archive.
  • CVE-2018-1000880: libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in the WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() - that can result in DoS (quasi-infinite run time and disk usage from a tiny file). This attack appears to be exploitable when the victim opens a specially crafted WARC file.

-ii  libarchive13:amd64  3.1.2-7ubuntu2.6  amd64  Multi-format archive and compression library (shared library)
+ii  libarchive13:amd64  3.1.2-7ubuntu2.7  amd64  Multi-format archive and compression library (shared library)

1.258.0

16 Jan 16:01
-ii  ca-certificates         20170717~14.04.1     all   Common CA certificates
+ii  ca-certificates         20170717~14.04.2     all   Common CA certificates
-ii  krb5-multidev           1.12+dfsg-2ubuntu5.3 amd64 Development files for MIT Kerberos without Heimdal conflict
-ii  krb5-user               1.12+dfsg-2ubuntu5.3 amd64 Basic programs to authenticate using MIT Kerberos
+ii  krb5-multidev           1.12+dfsg-2ubuntu5.4 amd64 Development files for MIT Kerberos without Heimdal conflict
+ii  krb5-user               1.12+dfsg-2ubuntu5.4 amd64 Basic programs to authenticate using MIT Kerberos
-ii  libgssapi-krb5-2:amd64  1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
+ii  libgssapi-krb5-2:amd64  1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-ii  libgssrpc4:amd64        1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
+ii  libgssrpc4:amd64        1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
-ii  libk5crypto3:amd64      1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Crypto Library
-ii  libkadm5clnt-mit9:amd64 1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Administration Clients
-ii  libkadm5srv-mit9:amd64  1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - KDC and Admin Server
-ii  libkdb5-7:amd64         1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Kerberos database
+ii  libk5crypto3:amd64      1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - Crypto Library
+ii  libkadm5clnt-mit9:amd64 1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - Administration Clients
+ii  libkadm5srv-mit9:amd64  1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - KDC and Admin Server
+ii  libkdb5-7:amd64         1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - Kerberos database
-ii  libkrb5-3:amd64         1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries
-ii  libkrb5-dev             1.12+dfsg-2ubuntu5.3 amd64 Headers and development libraries for MIT Kerberos
-ii  libkrb5support0:amd64   1.12+dfsg-2ubuntu5.3 amd64 MIT Kerberos runtime libraries - Support library
+ii  libkrb5-3:amd64         1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries
+ii  libkrb5-dev             1.12+dfsg-2ubuntu5.4 amd64 Headers and development libraries for MIT Kerberos
+ii  libkrb5support0:amd64   1.12+dfsg-2ubuntu5.4 amd64 MIT Kerberos runtime libraries - Support library
-ii  mountall                2.53                 amd64 filesystem mounting tool
+ii  mountall                2.53ubuntu1          amd64 filesystem mounting tool

1.257.0

16 Jan 16:01
-ii  tzdata  2018g-0ubuntu0.14.04  all  time zone and daylight-saving time data
+ii  tzdata  2018i-0ubuntu0.14.04  all  time zone and daylight-saving time data

1.256.0

02 Jan 23:27
-ii  libudev1:amd64       204-5ubuntu20.28 amd64  libudev shared library
+ii  libudev1:amd64       204-5ubuntu20.29 amd64  libudev shared library
-ii  linux-libc-dev:amd64 3.13.0-163.213   amd64  Linux Kernel Headers for development
+ii  linux-libc-dev:amd64 3.13.0-164.214   amd64  Linux Kernel Headers for development
-ii  udev                 204-5ubuntu20.28 amd64  /dev/ and hotplug management daemon
+ii  udev                 204-5ubuntu20.29 amd64  /dev/ and hotplug management daemon

1.255.0

12 Dec 21:13

Notably, this release addresses:

USN-3843-1: pixman vulnerability:

-ii  libcups2:amd64      1.7.2-0ubuntu1.10  amd64  Common UNIX Printing System(tm) - Core library
+ii  libcups2:amd64      1.7.2-0ubuntu1.11  amd64  Common UNIX Printing System(tm) - Core library
-ii  libpixman-1-0:amd64 0.30.2-2ubuntu1.1  amd64  pixel-manipulation library for X and cairo
-ii  libpixman-1-dev     0.30.2-2ubuntu1.1  amd64  pixel-manipulation library for X and cairo (development files)
+ii  libpixman-1-0:amd64 0.30.2-2ubuntu1.2  amd64  pixel-manipulation library for X and cairo
+ii  libpixman-1-dev     0.30.2-2ubuntu1.2  amd64  pixel-manipulation library for X and cairo (development files)

1.254.0

10 Dec 18:27

Notably, this release addresses:

USN-3840-1: OpenSSL vulnerabilities:

  • CVE-2018-0734: The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
  • CVE-2018-0735: The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
  • CVE-2018-5407: Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

-ii  libssl-dev:amd64  1.0.1f-1ubuntu2.26  amd64  Secure Sockets Layer toolkit - development files
-ii  libssl1.0.0:amd64 1.0.1f-1ubuntu2.26  amd64  Secure Sockets Layer toolkit - shared libraries
+ii  libssl-dev:amd64  1.0.1f-1ubuntu2.27  amd64  Secure Sockets Layer toolkit - development files
+ii  libssl1.0.0:amd64 1.0.1f-1ubuntu2.27  amd64  Secure Sockets Layer toolkit - shared libraries
-ii  openssl           1.0.1f-1ubuntu2.26  amd64  Secure Sockets Layer toolkit - cryptographic utility
+ii  openssl           1.0.1f-1ubuntu2.27  amd64  Secure Sockets Layer toolkit - cryptographic utility

1.253.0

04 Dec 15:24

Notably, this release addresses:

USN-3834-1: Perl vulnerabilities:

-ii  perl         5.18.2-2ubuntu1.6  amd64 Larry Wall's Practical Extraction and Report Language
-ii  perl-base    5.18.2-2ubuntu1.6  amd64 minimal Perl system
-ii  perl-modules 5.18.2-2ubuntu1.6  all   Core Perl modules
+ii  perl         5.18.2-2ubuntu1.7  amd64 Larry Wall's Practical Extraction and Report Language
+ii  perl-base    5.18.2-2ubuntu1.7  amd64 minimal Perl system
+ii  perl-modules 5.18.2-2ubuntu1.7  all   Core Perl modules