Ubuntu 16.04.6 LTS Released With Fixes Security Vulnerability

Ubuntu Security Patch
Ubuntu Security Patch

Ubuntu announced the release of Ubuntu 16.04.6 LTS (Long-Term Support) for its Desktop and Server products, as well as other flavors of Ubuntu with long-term support with several Bug fixes.

Unlike previous point releases, 16.04.6 is a security-targeted release for the purpose of providing updated installation media which protects new installations from the recently discovered APT vulnerability (USN-3863-1).

Many other security updates for additional high-impact bugs are also included, with a focus on maintaining stability and compatibility with Ubuntu 16.04 LTS.

Kubuntu 16.04.6 LTS, Xubuntu 16.04.6 LTS, Mythbuntu 16.04.6 LTS, Lubuntu 16.04.6 LTS, Ubuntu Kylin 16.04.6 LTS and Ubuntu MATE 16.04.6 LTS are also now available.

Users of Ubuntu on clouds are recommended to launch new instances using the latest images from the 16.04 release stream, which include the fix in APT for USN-3863-1.

Following featured vulnerabilities have been fixed.

openssl, openssl1.0 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS

OpenSSL could be made to expose sensitive information over the network.

Software Description

  • openssl1.0 – Secure Socket Layer (SSL) cryptographic library and tools
  • openssl – Secure Socket Layer (SSL) cryptographic library and tools

Details
Researchers founf that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data.

libgd2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Details
It was discovered that GD incorrectly handled memory when processing certain images. A remote attacker could use this issue with a specially crafted image file to cause GD to crash, resulting in a denial of service, or possibly execute arbitrary code.

Network Security Service library (NSS) vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary
NSS could be made to crash if it received specially crafted network traffic.

Details
A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

Update your UBUNTU operating system now.

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel.

Subscribe to HackersOnlineClub via Email

Enter your Email address to receive notifications of Latest Posts by Email | Join over Million Followers

More from Priyanshu Sahay

Pretty Good Privacy (PGP) – A Program That Provides Data Encryption and Decryption

Pretty Good Privacy (PGP) is a program used for encrypting and decrypting...
Read More

Leave a Reply