Security Team Weekly Summary: October 12, 2017

Canonical

Canonical

on 12 October 2017

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com

During the last week, the Ubuntu Security team:

  • Triaged 238 public security vulnerability reports, retaining the 75 that applied to Ubuntu.
  • Published 12 Ubuntu Security Notices which fixed 43 security issues (CVEs) across 9 supported packages.

Ubuntu Security Notices

Bug Triage

Mainline Inclusion Requests

Updates to Community Supported Packages

  • Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for git (LP: #1719740)

Development

  • Reviews:
    • PR 3973/cgroup freezer in support of layouts
    • PR 3998/utilize new seccomp logging features
    • PR 3999/add detection of stale mount namespaces for layouts
    • PR 3872/preserve TMPDIR and HOSTALIASES across snap-confine invocation
    • PR 3958/add support for /home on NFS
    • PR 4008/create missing mountpoints in support of layouts
  • submitted policy-updates-xxx PR 4002
  • submitted small lttng PR 4003
  • submitted small lxd PR 4004
  • fscrypt 0.2.1 and 0.2.2 packaged
  • libseccomp patches rebased to latest

What the Security Team is Reading This Week

Weekly Meeting

More Info

Ubuntu cloud

Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.

Newsletter signup

Select topics you’re interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

Ubuntu updates for L1 Terminal Fault vulnerabilities

For up-to-date patch, package, and USN links, please click here. Today Intel announced a new side channel vulnerability known as L1 Terminal Fault. Raoul Strackx, Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci,…

National Cyber Security Centre publish Ubuntu 18.04 LTS Security Guide

Last week the NCSC (National Cyber Security Centre) in the UK issued their latest publication which gives advice on how to configure Ubuntu 18.04 LTS in accordance with their security best practices. The National Cyber Security Centre…

IoT Security at Scale: Managing end-to-end security

Title: IoT Security at Scale: Managing end-to-end security for Commercial IoT Gateways Speakers: Justin Rigling, CTO, Rigado Date/Time: August 8, 12:00PM EST / 5:00PM BST Rigado, a Canonical partner, provides a secure, scalable gateway…