Episode 123
Ubuntu Security Podcast
English - July 09, 2021 04:18 - 8 minutes - 6.88 MB - ★★★★★ - 10 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Is npm audit more harm than good? Plus this week we look at security
updates for DjVuLibre, libuv, PHP and more.
Overview
Is npm audit more harm than good? Plus this week we look at security
updates for DjVuLibre, libuv, PHP and more.
This week in Ubuntu Security Updates
8 unique CVEs addressed
[USN-4905-2] X.Org X Server vulnerability [00:42]
1 CVEs addressed in Trusty ESM (14.04 ESM)
Episode 112 - Local user (X client) could crash the server via Xinput
extension and ChangeFeedbackControl request - integer underflow -> heap
buffer overflow
[USN-5005-1] DjVuLibre vulnerability [01:26]
1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
OOB write via crafted djvu file -> crash -> DoS, RCE
[USN-5007-1] libuv vulnerability [01:53]
1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
Async event handling library - used by nodejs and others - supports async
handling TCP/UDP sockets, DNS resolution, file system operations etc
OOB read when converting strings to ASCII -> can be triggered via calls
to uv_getaddrinfo() which are done by clients who handle TCP/UDP sockets
async (ie nodejs, Julia,, BIND etc)
[USN-5006-1] PHP vulnerabilities [03:04]
5 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
CVE-2021-21705
CVE-2021-21704
CVE-2021-21702
CVE-2020-7071
CVE-2020-7068
UAF in PHAR archive handling - generally these are trusted so low impact
mishandling of URLs with embedded passwords - unspecified impact but
could misparse the URL and cause unwanted behaviour
Mishandling of XML when processing SOAP server responses -> NULL ptr
deref (so malicious server could trigger a crash) -> DoS
Ability to bypass Sever Side Request Forgery (SSRF) protections in
FILTER_VALIDATE_URL
Goings on in Ubuntu Security Community
npm audit broken by design? [04:13]
https://overreacted.io/npm-audit-broken-by-design/
Ubuntu Security Podcast on break for next 2 weeks [07:56]
Get in contact
[email protected]
#ubuntu-security on the Libera.Chat IRC network
ubuntu-hardened mailing list
Security section on discourse.ubuntu.com
@ubuntu_sec on twitter