Security Team Weekly Summary: December 21, 2017

Canonical

Canonical

on 21 December 2017

The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com

During the last week, the Ubuntu Security team:

  • Triaged 301 public security vulnerability reports, retaining the 47 that applied to Ubuntu.
  • Published 5 Ubuntu Security Notices which fixed 3 security issues (CVEs) across 7 supported packages.

Ubuntu Security Notices

Bug Triage

Mainline Inclusion Requests

Development

  • Disable squashfs fragments in snap
  • PR 4387 – explicitly deny ~/.gnupg/random_seed in gpg-keys interface
  • Submitted PR 4399 for rewrite snappy-app-dev in Go
  • Created PR 4406 – interfaces/dbus: adjust slot policy for listen, accept and accept4 syscalls
  • Reviews
    • PR 4365 – wayland slot implementation

What the Security Team is Reading This Week

Weekly Meeting

More Info

Ubuntu Server

The leading platform for scale-out computing, Ubuntu Server delivers the best value scale-out performance available.

Newsletter signup

Select topics you’re interested in

In submitting this form, I confirm that I have read and agree to Canonical’s Privacy Notice and Privacy Policy.

Related posts

A first look at desktop metrics

We first announced our intention to ask users to provide basic, not-personally-identifiable system data back in February. Since then we have built the Ubuntu Report tool and integrated it in to the Ubuntu 18.04 LTS initial setup tool. You…

Ubuntu 16.04 LTS certified for Intel NUC for IoT device development

Canonical and Intel® are pleased to announce that Ubuntu 16.04 LTS is now certified on selected Intel® NUC Mini PCs and boards. This partnership will aid device manufacturer’s and their developers to a smoother path to the development and…

Report from the GNOME Software design sprint

  A couple of weeks ago representatives from across Canonical met in London to talk about ideas to improve the user experience of GNOME Software. We had people from the store team, snap advocacy, snapd, design and from the desktop…