Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Canonical
on 14 September 2017

Security Team Weekly Summary: September 14, 2017


The Security Team weekly reports are intended to be very short summaries of the Security Team’s weekly activities.

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: [email protected]

During the last week, the Ubuntu Security team:

  • Triaged 234 public security vulnerability reports, retaining the 109 that applied to Ubuntu.
  • Published 6 Ubuntu Security Notices which fixed 15 security issues (CVEs) across 5 supported packages.

Ubuntu Security Notices

Bug Triage

Mainline Inclusion Requests

Updates to Community Supported Packages

  • Gianfranco Costamagna provided a debdiff for xenial for check-all-the-things (LP: #1597245)

  • Simon Quigley (tsimonq2) provided a debdiff for xenial for karchive (LP: #1712948)

  • James Cowgill (jcowgill) provided debdiffs for xenial and zesty for mbedtls (LP: #1714640)

Call for Testing

  • Updates for WordPress are available in the security-proposed PPA and are just waiting for some testing before being published. Jump into #ubuntu-hardened on Freenode and ping the security team member on community duty if you are interested in helping test this community supported package.

Development

What the Security Team is Reading This Week

Weekly Meeting

More Info

Related posts


Octavio Galland
30 May 2025

Apport local information disclosure vulnerability fixes available

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow a local attacker with permission to create user namespaces to leak core dumps for processes of suid executables. These affect both apport, the Ubuntu default core dump handler (CVE-2025-5054), and systemd-coredump, the default core dump handler in Red Hat Ent ...


Nkeiruka Whenu
28 May 2025

The 2025 Frankfurt Engineering Sprint: What did you miss?

Community Article

If you have ever wondered what goes on when your friends say that they’re going on a “Business trip” abroad, then allow me to spill the beans 🫘. Let’s recap what you may have missed from Canonical’s Frankfurt Engineering Sprint this May, shall we? My name is Nkeiruka, and I work as a Software Engineer ...


ilvipero
27 May 2025

Ubuntu Summit 25.10 is coming to your circle of friends, from London

Ubuntu Article

London calling… We have an exciting announcement about the Ubuntu Summit. We’ve been chatting with our community and contributors to see how we can bring our event, and the impact of open source, to even more people. This year, the Ubuntu Summit is reborn – read on to find out what changes we’re making. Twice ...