Categories: Security Update

Ubuntu Security Updates for Vulnerabilities that Affects Multiple Versions

Ubuntu Security Updates for the vulnerabilities that affect multiple releases of Ubuntu and its derivatives. The vulnerabilities are fixed with the latest packages if you have enabled automatic update in your Ubuntu servers the updates will be applied automatically.

ClamAV regression

Latest package update fixes vulnerabilities with ClamAVthst fails in handling certain HWP and PDF files in previous versions. This could be exploited by a remote attacker resulting in a DOS attack.

The vulnerability can be tracked as CVE-2018-0360, CVE-2018-0361, the issue found in Ubuntu 12.04 ESM, Ubuntu 18.04 LTS Ubuntu 16.04 LTS and Ubuntu 14.04 LTS and it has been fixed with clamav – 0.100.1+dfsg-1ubuntu0.12.04.2, clamav – 0.100.1+dfsg-1ubuntu0.18.04.2, clamav – 0.100.1+dfsg-1ubuntu0.16.04.2 and clamav – 0.100.1+dfsg-1ubuntu0.14.04.2.

Data Server vulnerability

Evolution Data Server leads to the sensitive exposure of data over the network, it may result in the user’s password being unexpectedly sent in clear text, even though the user had requested to use SSL.

Data Server vulnerability tracked as CVE-2016-10727, it affects Ubuntu 16.04 LTS and Ubuntu 14.04 LTS.

The Vulnerability can be fixed by updating to following packages, with Ubuntu 16.04 LTS

evolution-data-server – 3.18.5-1ubuntu1.1
evolution-data-server-common – 3.18.5-1ubuntu1.1
libcamel-1.2-54 – 3.18.5-1ubuntu1.1
libebackend-1.2-10 – 3.18.5-1ubuntu1.1
libedataserver-1.2-21 – 3.18.5-1ubuntu1.1

For Ubuntu 14.04 LTS the fixed package versions

evolution-data-server – 3.10.4-0ubuntu1.6
evolution-data-server-common – 3.10.4-0ubuntu1.6
libcamel-1.2-45 – 3.10.4-0ubuntu1.6
libebackend-1.2-7 – 3.10.4-0ubuntu1.6
libedataserver-1.2-18 – 3.10.4-0ubuntu1.6

Also Read

Google Chrome to Show Not Secure For HTTP Sites and Fix for 42 Security Issues

Apache Software Foundation Releases Important Security Patches for Multiple Apache Tomcat Versions

Cisco Released Critical Security Updates for Vulnerabilities that Affected Cisco Products

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of…

10 hours ago

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…

19 hours ago

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…

20 hours ago

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…

23 hours ago

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

1 day ago

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…

1 day ago