Ubuntu 6589 Published by

The following updates has been released for Ubuntu Linux:

USN-4119-1: Irssi vulnerability
USN-4120-1: systemd vulnerability
USN-4121-1: Samba vulnerability



USN-4119-1: Irssi vulnerability


=========================================================================
Ubuntu Security Notice USN-4119-1
September 03, 2019

irssi vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04

Summary:

Irssi could be made to crash or execute arbitrary code if it received
a specially crafted CAP request.

Software Description:
- irssi: terminal based IRC client

Details:

It was discovered that Irssi incorrectly handled certain CAP requests.
An attacker could possibly use this issue to cause a denial of service or
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
irssi 1.2.0-2ubuntu1.2

After a standard system update you need to restart Irssi to make
all the necessary changes.

References:
https://usn.ubuntu.com/4119-1
CVE-2019-15717

Package Information:
https://launchpad.net/ubuntu/+source/irssi/1.2.0-2ubuntu1.2

USN-4120-1: systemd vulnerability


==========================================================================
Ubuntu Security Notice USN-4120-1
September 03, 2019

systemd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.04 LTS

Summary:

systemd-resolved would allow unprivileged users to change DNS settings.

Software Description:
- systemd: system and service manager

Details:

It was discovered that the systemd-resolved D-Bus interface did not
enforce appropriate access controls. A local unprivileged user could
exploit this to modify a system's DNS resolver settings.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
systemd 240-6ubuntu5.6

Ubuntu 18.04 LTS:
systemd 237-3ubuntu10.28

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/4120-1
CVE-2019-15718

Package Information:
https://launchpad.net/ubuntu/+source/systemd/240-6ubuntu5.6
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.28


USN-4121-1: Samba vulnerability


=========================================================================
Ubuntu Security Notice USN-4121-1
September 03, 2019

samba vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04

Summary:

Samba would allow unintended access to files over the network.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Stefan Metzmacher discovered that the Samba SMB server did not properly
prevent clients from escaping outside the share root directory in
some situations. An attacker could use this to gain access to files
outside of the Samba share, where allowed by the permissions of the
underlying filesystem.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.04:
samba 2:4.10.0+dfsg-0ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4121-1
CVE-2019-10197

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.10.0+dfsg-0ubuntu2.4