ANNOUNCE: xfdashboard 0.9.2 released

xfdashboard 0.9.2 is now available for download from
archive.xfce.org/src/apps/xfdashboard/0.9/xfdashboard-0.9.2.tar.bz2 archive.xfce.org/src/apps/xfdashboard/0.9/xfdashboard-0.9.2.tar.bz2?sha1 archive.xfce.org/src/apps/xfdashboard/0.9/xfdashboard-0.9.2.tar.bz2?sha256
What is xfdashboard? ====================
xfdashboard provides a GNOME shell dashboard like interface for use with Xfce desktop. It can be configured to run to any keyboard shortcut and when executed provides an overview of applications currently open enabling the user to switch between different applications. The search feature works like Xfce’s app finder which makes it convenient to search for and start applications.
Website: docs.xfce.org/apps/xfdashboard/start
Release notes for 0.9.2 ======================= xfdashboard-0.9.2 “Gradients! Whoohoooo!” was released on 2021-04-08.
This is a development release.
* New feature: Enhanced new color class XfdashboardGradientColor to support also linear gradients besided solid colors (single colors) and path gradients. Added support to specify colors for XfdashboardGradientColor in CSS. * Background fill color of XfdashboardBackground as well as outline color of XfdashboardOutlineEffect do support all types of new color class XfdashboardGradientColor, i.e solid colors, linear gradients and path gradients * Fix failing to create texture for outlines because either width or height is zero (#8) * Fix visual bug in default theme drawing wrong fill and outlines corners at workspace selector * Fix not to draw outlines with rounded corners if background type has not set rounded corners like fill background has already checked for years * Improved algorithm to detect application and determine its desktop file (*.desktop) for X11 windows by checking for the X atom called “_GTK_APPLICATION_ID” at X11 window properties and at Linux also lookup executable file from /proc filesystem in application database. For *BSD unixes I need help! * Disabled applications-search-provider statistics as it uses a file instead of settings object or similar * Smaller bug-fixes * Clean-ups * More API documentation * Updated localizations: es, eu, gl, lt, nb, pt_BR, sv, tr _______________________________________________ Xfce-announce mailing list Xfce-announce@xfce.org mail.xfce.org/mailman/listinfo/xfce-announce

openSUSE2021:0516-1: important: Security update for isync

openSUSE Security Update: Security update for isync ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0516-1 Rating: important References: #1182488 Cross-References: CVE-2021-20247 CVSS scores: CVE-2021-20247 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for isync fixes the following issues:
– isync was updated to version 1.3.5 – CVE-2021-20247: reject funny mailbox names from IMAP LIST/LSUB (boo#1182488)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-516=1

Package List:
– openSUSE Leap 15.2 (x86_64):
isync-1.3.5-lp152.4.3.1 isync-debuginfo-1.3.5-lp152.4.3.1 isync-debugsource-1.3.5-lp152.4.3.1
References:
www.suse.com/security/cve/CVE-2021-20247.html bugzilla.suse.com/1182488

[USN-4903-1] curl vulnerability

========================================================================== Ubuntu Security Notice USN-4903-1 April 07, 2021
curl vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 ESM
Summary:
curl could be made to expose sensitive information over the network.
Software Description: – curl: HTTP, HTTPS, and FTP client and client libraries
Details:
Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM:   curl                            7.35.0-1ubuntu2.20+esm7   libcurl3                        7.35.0-1ubuntu2.20+esm7   libcurl3-gnutls                 7.35.0-1ubuntu2.20+esm7   libcurl3-nss                    7.35.0-1ubuntu2.20+esm7
In general, a standard system update will make all the necessary changes.
References:   ubuntu.com/security/notices/USN-4903-1   CVE-2021-22876

[LSN-0075-1] Linux kernel vulnerability

Linux kernel vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS – Ubuntu 20.04 LTS – Ubuntu 16.04 LTS – Ubuntu 14.04 ESM
Summary
Several security issues were fixed in the kernel.
Software Description
– linux – Linux kernel – linux-aws – Linux kernel for Amazon Web Services (AWS) systems – linux-azure – Linux kernel for Microsoft Azure Cloud systems – linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems – linux-gke – Linux kernel for Google Container Engine (GKE) systems – linux-gkeop – Linux kernel for Google Container Engine (GKE) systems – linux-oem – Linux kernel for OEM systems
Details
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly apply speculative execution limits on some pointer types. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27170)
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly compute a speculative execution limit on pointer arithmetic in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-27171)
Jann Horn discovered that a race condition existed in the madvise implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-29372)
It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374)
De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2021-3444)
Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363)
Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364)
Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)
Update instructions
The problem can be corrected by updating your kernel livepatch to the following versions:
Ubuntu 18.04 LTS aws – 75.2 generic – 75.2 gke – 75.2 gkeop – 75.2 lowlatency – 75.2 oem – 75.2
Ubuntu 20.04 LTS aws – 75.2 azure – 75.2 gcp – 75.2 generic – 75.2 gke – 75.2 gkeop – 75.2 lowlatency – 75.2
Ubuntu 16.04 LTS aws – 75.3 azure – 75.2 generic – 75.3 lowlatency – 75.3
Ubuntu 14.04 ESM generic – 75.3 lowlatency – 75.3
Support Information
Kernels older than the levels listed below do not receive livepatch updates. If you are running a kernel version earlier than the one  listed below, please upgrade your kernel as soon as possible.
Ubuntu 18.04 LTS linux-aws – 4.15.0-1054 linux-gke-4.15 – 4.15.0-1076 linux-gke-5.4 – 5.4.0-1009 linux-gkeop-5.4 – 5.4.0-1007 linux-hwe-5.4 – 5.4.0-26 linux-oem – 4.15.0-1063 linux – 4.15.0-69
Ubuntu 20.04 LTS linux-aws – 5.4.0-1009 linux-azure – 5.4.0-1010 linux-gcp – 5.4.0-1009 linux-gke – 5.4.0-1033 linux-gkeop – 5.4.0-1009 linux-oem – 5.4.0-26 linux – 5.4.0-26
Ubuntu 16.04 LTS linux-aws – 4.4.0-1098 linux-azure – 4.15.0-1063 linux-hwe – 4.15.0-69 linux – 4.4.0-168
Ubuntu 14.04 ESM linux-lts-xenial – 4.4.0-168
References
– CVE-2020-27170 – CVE-2020-27171 – CVE-2020-29372 – CVE-2020-29374 – CVE-2021-3444 – CVE-2021-27363 – CVE-2021-27364 – CVE-2021-27365

openSUSE2021:0515-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0515-1 Rating: important References: #1184256 Cross-References: CVE-2021-21194 CVE-2021-21195 CVE-2021-21196 CVE-2021-21197 CVE-2021-21198 CVE-2021-21199
Affected Products: openSUSE Backports SLE-15-SP2 ______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Update to 89.0.4389.114 boo#1184256
– CVE-2021-21194: Use after free in screen capture – CVE-2021-21195: Use after free in V8 – CVE-2021-21196: Heap buffer overflow in TabStrip – CVE-2021-21197: Heap buffer overflow in TabStrip – CVE-2021-21198: Out of bounds read in IPC – CVE-2021-21199: Use Use after free in Aura
This update was imported from the openSUSE:Leap:15.2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2021-515=1

Package List:
– openSUSE Backports SLE-15-SP2 (aarch64 x86_64):
chromedriver-89.0.4389.114-bp152.2.68.1 chromium-89.0.4389.114-bp152.2.68.1
References:
www.suse.com/security/cve/CVE-2021-21194.html www.suse.com/security/cve/CVE-2021-21195.html www.suse.com/security/cve/CVE-2021-21196.html www.suse.com/security/cve/CVE-2021-21197.html www.suse.com/security/cve/CVE-2021-21198.html www.suse.com/security/cve/CVE-2021-21199.html bugzilla.suse.com/1184256

FreeBSD Security Advisory FreeBSD-SA-21:10.jail_mount

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512
============================================================================= FreeBSD-SA-21:10.jail_mount Security Advisory The FreeBSD Project
Topic: jail escape possible by mounting over jail root
Category: core Module: jail Announced: 2021-04-06 Credits: Mateusz Guzik Affects: All supported versions of FreeBSD. Corrected: 2021-04-06 18:50:48 UTC (stable/13, 13.0-STABLE) 2021-04-06 19:18:59 UTC (releng/13.0, 13.0-RC5-p1) 2021-04-06 19:20:50 UTC (stable/12, 12.2-STABLE) 2021-04-06 19:21:33 UTC (releng/12.2, 12.2-RELEASE-p6) 2021-04-06 19:22:31 UTC (stable/11, 11.4-STABLE) 2021-04-06 19:22:59 UTC (releng/11.4, 11.4-RELEASE-p9) CVE Name: CVE-2020-25584
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
The jail(2) system call allows a system administrator to lock a process and all of its descendants inside an environment with a very limited ability to affect the system outside that environment, even for processes with superuser privileges. It is an extension of, but far more powerful than, the traditional UNIX chroot(2) system call.
II. Problem Description
Due to a race condition between lookup of “..” and remounting a filesystem, a process running inside a jail might access filesystem hierarchy outside of jail.
III. Impact
A process with superuser privileges running inside a jail configured with the allow.mount permission (not enabled by default) could change the root directory outside of the jail, and thus gain full read and write access to all files and directories in the system.
IV. Workaround
As a workaround, disable allow.mount permission for all jails with untrusted root users; see jail(1) and jail.conf(5) manual pages for details.
Note that this permission is not enabled by default.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch # freebsd-update install # shutdown -r +10min “Rebooting for a security update”
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 13.0] # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.13.patch # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.13.patch.asc # gpg –verify jail_mount.13.patch.asc
[FreeBSD 12.2] # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.12.patch # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.12.patch.asc # gpg –verify jail_mount.12.patch.asc
[FreeBSD 11.4] # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.11.patch # fetch security.FreeBSD.org/patches/SA-21:10/jail_mount.11.patch.asc # gpg –verify jail_mount.11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Hash Revision – ————————————————————————- stable/13/ 3ae17faa3704 stable/13-n245118 releng/13.0/ 4710439ec594 releng/13.0-n244729 stable/12/ r369552 releng/12.2/ r369557 stable/11/ r369560 releng/11.4/ r369562 – ————————————————————————-
For FreeBSD 13 and later:
Run the following command to see which files were modified by a particular commit:
# git show –stat
Or visit the following URL, replacing HHHHHH with the hash:

To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run:
# git rev-list –count –first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN –summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:

VII. References


The latest revision of this advisory is available at —–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmBsveQACgkQ05eS9J6n 5cIujRAAoTOIB1bMhDN3w382izu+g4L4HATqhOyKlf3Ezwlnmckt4s+ERar7EWND 4MayXSogCYwYwb6gsfBsqEdAJwhID1zkBDmC9LaYKehOLMMdPOCbpemJ3xT0540m S4MJ+vPBT2NZ8NsUGNNpIF/mZTgwDai4WSBCr/0OIyNDd+nzStOv0d8h3aNGNweW p/pvETnf/FtR9kACZ2HuiHtOx2IvQv8+n4gjefl440fz8czb3nftdGHRXLc0Kkcy T/l3Y0SgBvXmlhtmhGZmF787Bw/5No+fbKZ4AuTMms42OWz8y02ZjFCvwXEu7/tC f9eeFUzpR+rjNr0MMFEm1GBPNgbdF4v/IhnUA4gWrhjp1sh+4SjHoFhS1tfdY6gf W76eyT0B8oDOLK4Jo76iTjvN1sZ0wctOaq7yk+7rGbhSUFUohQmtsMbvGOfHIVxl DlJ9faccWJLOjbeUAVhVMbowT3/QKqnbuRpkq6U7YIcs9P4cg8RUrokCOiGd5pBz PD5zpNcRCe69c+d39XDGDiBjPm4mQK1VEOr90gcAlE5yioxUW6qlHkFrp/Mje6dX 25Sb1q1zwjn3rM1moIeRXmx+ioLAT9ZWpYs5IvKsuRw4VmppIjA6TWm8ECbjKQKG yPuUgUyxoIoEJgQNmJaM2Rk/fKijyVjEG22jlDNwCxASE4vJ7Xw= =g2On —–END PGP SIGNATURE—– _______________________________________________ freebsd-security-notifications@freebsd.org mailing list lists.freebsd.org/mailman/listinfo/freebsd-security-notifications To unsubscribe, send any mail to “freebsd-security-notifications-unsubscribe@freebsd.org

FreeBSD Security Advisory FreeBSD-SA-21:09.accept_filter

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512
============================================================================= FreeBSD-SA-21:09.accept_filter Security Advisory The FreeBSD Project
Topic: double free in accept_filter(9) socket configuration interface
Category: core Module: accept_filter Announced: 2021-04-06 Credits: Alexey Kulaev Affects: FreeBSD 12.2 and later. Corrected: 2021-03-28 00:24:15 UTC (stable/13, 13.0-STABLE) 2021-03-28 15:03:37 UTC (releng/13.0, 13.0-RC4) 2021-03-28 00:26:49 UTC (stable/12, 12.2-STABLE) 2021-04-06 19:21:21 UTC (releng/12.2, 12.2-RELEASE-p6) CVE Name: CVE-2021-29627
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
FreeBSD features an accept_filter(9) mechanism which allows an application to request that the kernel pre-process incoming connections. For example, the accf_http(9) accept filter prevents accept(2) from returning until a full HTTP request has been buffered.
No accept filters are enabled by default. A system administrator must either compile the FreeBSD kernel with a particular accept filter option (such as ACCEPT_FILTER_HTTP) or load the filter using kldload(8) in order to utilize accept filters.
II. Problem Description
An unprivileged process can configure an accept filter on a listening socket. This is done using the setsockopt(2) system call. The process supplies the name of the accept filter which is to be attached to the socket, as well as a string containing filter-specific information.
If the filter implements the accf_create callback, the socket option handler attempts to preserve the process-supplied argument string. A bug in the socket option handler caused this string to be freed prematurely, leaving a dangling pointer. Additional operations on the socket can turn this into a double free or a use-after-free.
III. Impact
The bug may be exploited to trigger local privilege escalation or kernel memory disclosure.
IV. Workaround
Systems not using accept filters, or using only the accept filters included with the FreeBSD base system (accf_data(9), accf_dns(9), and accf_http(9)) are unaffected. Note that no accept filters are loaded in the kernel by default.
Systems using a third-party accept filter module are affected if the module defines an accf_create callback. In this case, the only workaround is to ensure that the module is not loaded into the kernel.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch # freebsd-update install # shutdown -r +10min “Rebooting for a security update”
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
# fetch security.FreeBSD.org/patches/SA-21:09/accept_filter.patch # fetch security.FreeBSD.org/patches/SA-21:09/accept_filter.patch.asc # gpg –verify accept_filter.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Hash Revision – ————————————————————————- stable/13/ c7d10e7ec872 stable/13-n245050 releng/13.0/ af6611e5adc6 releng/13.0-n244711 stable/12/ r369525 releng/12.2/ r369553 – ————————————————————————-
For FreeBSD 13 and later:
Run the following command to see which files were modified by a particular commit:
# git show –stat
Or visit the following URL, replacing HHHHHH with the hash:

To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run:
# git rev-list –count –first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN –summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:

VII. References


The latest revision of this advisory is available at —–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmBsveMACgkQ05eS9J6n 5cIfkA//bD0wm/rhdTUkyCeKhDCocFC/elfC+g7FsiG/eNJFh0mAiuTrC9Ja9+TN QU4xjZPx0kN6PxAgEzCqH2NgSL+MwW60ApxlH/kVhcFU/tOrUxmuFg8u9bk6/gU3 xRcpHzT5M4iFzrdyimbc9UvKHZet1Hh7CkIQwQZWvdrJYL3p+lODe3DpS9OUXcaJ S6eHGzMlTKQsV5m3vGEefRP1ByDNOT4w3q+w6s0K381ck8Y+k1SLQLLDZJuNR752 ixZdUg/oE82PIosoH8SXP8bHklRcHFsa6DmTLYGxxpKh9l++CyiytiQThUIlClfY 2KOKh1Y4ND5FU001g98OdikgfRJhf9mQIk4ytNyBjey3c/aBFtcJHzydrV5uPg4u SPvk59SEiRVZswQkR+kpXD8Maa7jkRTe6qbBhQ5+CiXEO/FWF108OVULn0saDycp NtGNa6Htichm+RWPeHnbCo5OwSW0wDHKUB2yP/EcCOkJtBPOBpL8r3iJSnk5ZsrH mTQeQzSrbzeD/pMOiEor6AIKjJoII2rWIT6v2RaofY5vb30kQl56/m7nrN1bm6n1 aatAsvJvFIaE6LVKkCpIkKaHEEmgOpf5/p4n2xia8i6xUc1BN14nq0xEaqGskesS bAe1TJZJnc6hHvdJVhuLxdT1CSStG56BrkJd2RtCAenwatJaRzQ= =UfpF —–END PGP SIGNATURE—– _______________________________________________ freebsd-security-notifications@freebsd.org mailing list lists.freebsd.org/mailman/listinfo/freebsd-security-notifications To unsubscribe, send any mail to “freebsd-security-notifications-unsubscribe@freebsd.org

FreeBSD Security Advisory FreeBSD-SA-21:08.vm

—–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512
============================================================================= FreeBSD-SA-21:08.vm Security Advisory The FreeBSD Project
Topic: Memory disclosure by stale virtual memory mapping
Category: core Module: vm Announced: 2021-04-06 Credits: Ryan Libby, Dell Inc. Affects: All supported versions of FreeBSD. Corrected: 2021-04-06 18:50:46 UTC (stable/13, 13.0-STABLE) 2021-04-06 19:18:49 UTC (releng/13.0, 13.0-RC5-p1) 2021-04-06 19:20:46 UTC (stable/12, 12.2-STABLE) 2021-04-06 19:21:30 UTC (releng/12.2, 12.2-RELEASE-p6) 2021-04-06 19:22:31 UTC (stable/11, 11.4-STABLE) 2021-04-06 19:22:56 UTC (releng/11.4, 11.4-RELEASE-p9) CVE Name: CVE-2021-29626
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
I. Background
Memory mappings shared between processes are a feature of the FreeBSD virtual memory system. They may be established by unprivileged processes with the mmap(2), fork(2), and other system calls.
II. Problem Description
A particular case of memory sharing is mishandled in the virtual memory system. It is possible and legal to establish a relationship where multiple descendant processes share a mapping which shadows memory of an ancestor process. In this scenario, when one process modifies memory through such a mapping, the copy-on-write logic fails to invalidate other mappings of the source page. These stale mappings may remain even after the mapped pages have been reused for another purpose.
III. Impact
An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.
IV. Workaround
No workaround is available.
V. Solution
Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot.
Perform one of the following:
1) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch # freebsd-update install # shutdown -r +10min “Rebooting for a security update”
2) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
[FreeBSD 13.0] # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.13.patch # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.13.patch.asc # gpg –verify vm_fault.13.patch.asc
[FreeBSD 12.2] # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.12.patch # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.12.patch.asc # gpg –verify vm_fault.12.patch.asc
[FreeBSD 11.4] # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.11.patch # fetch security.FreeBSD.org/patches/SA-21:08/vm_fault.11.patch.asc # gpg –verify vm_fault.11.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system.
VI. Correction details
The following list contains the correction revision numbers for each affected branch.
Branch/path Hash Revision – ————————————————————————- stable/13/ 2e08308d62f3 stable/13-n245117 releng/13.0/ 724bc23da1a9 releng/13.0-n244728 stable/12/ r369551 releng/12.2/ r369556 stable/11/ r369559 releng/11.4/ r369561 – ————————————————————————-
For FreeBSD 13 and later:
Run the following command to see which files were modified by a particular commit:
# git show –stat
Or visit the following URL, replacing HHHHHH with the hash:

To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run:
# git rev-list –count –first-parent HEAD
For FreeBSD 12 and earlier:
Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number:
# svn diff -cNNNNNN –summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at —–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAmBsveMACgkQ05eS9J6n 5cJ0Xw/+JFP6UKPMxcYwmAmIoDS5YAsUzuDVQNooZzOQiltyVqPrHD3Dh/32+Tm3 W6yeITNcnUbVhFBPli3x0pHldCCcj1JQNtzUYcS/DKNvD2LxjB4bhiiE0YHImaP9 JWOMoc5rNYpOl4iKK5DZkQAxZsHu1zFSVt+0O/aL70bDCYupsslWBbRRkxgkeShW wGFhSMhlJ1QnnygzsICbyK5GP4XYqfAWZ5dviznNcZLrOifCLG6HNxixfOG/vf33 yZzwA7RSNpOyULC1AYmUqiEZWgABL63hOIiraD0sASteBhMY/DCjq/QLZKsaONsp FYemSTnW1hs1MVfTm4ecwgZJEJf8bV7cQXrxA3bLJmRoN9CcTGHDQCjFKHvMVXSe qU/n+CICO6Ly8nTmL0xYjpJLEQaQfC/98hXk2otpgIia8r5Gn1MOwooTdN+KWlfA LHzuP0Wf5NIjo1QkbbBRUSfCjV+dbGzRxgCYTGj1dN+XbR0uxeVtWeKXU3WaDIYI 6sT3L41yUBvEce7h/449RunNjRb5nuWczh3YTIzqDA3dEStLPKxlzL790M8TId6e XE+YclkxSTNMuxvCEw/vDJB4bZ2eOQ6noSzfrUqxjGnbtcuYP/RJGc3XrVZpiXbY u+OuE4Owve9e/sNCRqZeEQ2CHnntCdji0sk/CAlbkHcdHYPbunI= =rC4V —–END PGP SIGNATURE—– _______________________________________________ freebsd-security-notifications@freebsd.org mailing list lists.freebsd.org/mailman/listinfo/freebsd-security-notifications To unsubscribe, send any mail to “freebsd-security-notifications-unsubscribe@freebsd.org

[USN-4902-1] Django vulnerability

========================================================================== Ubuntu Security Notice USN-4902-1 April 06, 2021
python-django vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS – Ubuntu 16.04 LTS
Summary:
Django could be made to overwrite files.
Software Description: – python-django: High-level Python web development framework
Details:
Dennis Brinkrolf discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: python3-django 2:2.2.16-1ubuntu0.3
Ubuntu 20.04 LTS: python3-django 2:2.2.12-1ubuntu0.5
Ubuntu 18.04 LTS: python-django 1:1.11.11-1ubuntu1.12 python3-django 1:1.11.11-1ubuntu1.12
Ubuntu 16.04 LTS: python-django 1.8.7-1ubuntu5.15 python3-django 1.8.7-1ubuntu5.15
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-4902-1 CVE-2021-28658
Package Information: launchpad.net/ubuntu/+source/python-django/2:2.2.16-1ubuntu0.3 launchpad.net/ubuntu/+source/python-django/2:2.2.12-1ubuntu0.5 launchpad.net/ubuntu/+source/python-django/1:1.11.11-1ubuntu1.12 launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu5.15

[USN-4561-2] Rack vulnerabilities

========================================================================== Ubuntu Security Notice USN-4561-2 April 06, 2021
ruby-rack vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10 – Ubuntu 20.04 LTS – Ubuntu 16.04 LTS
Summary:
Rack could be made to expose sensitive information over the network.
Software Description: – ruby-rack: modular Ruby webserver interface
Details:
USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10.
Original advisory details:
It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: ruby-rack 2.1.1-5ubuntu0.1
Ubuntu 20.04 LTS: ruby-rack 2.0.7-2ubuntu0.1
Ubuntu 16.04 LTS: ruby-rack 1.6.4-3ubuntu0.2
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-4561-2 ubuntu.com/security/notices/USN-4561-1 CVE-2020-8161, CVE-2020-8184
Package Information: launchpad.net/ubuntu/+source/ruby-rack/2.1.1-5ubuntu0.1 launchpad.net/ubuntu/+source/ruby-rack/2.0.7-2ubuntu0.1 launchpad.net/ubuntu/+source/ruby-rack/1.6.4-3ubuntu0.2

[USN-4901-1] Linux kernel (Trusty HWE) vulnerabilities

========================================================================== Ubuntu Security Notice USN-4901-1 April 06, 2021
linux-lts-trusty vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: – linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM
Details:
Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. (CVE-2020-28374)
Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363)
Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: linux-image-3.13.0-185-generic 3.13.0-185.236~12.04.1 linux-image-generic-lts-trusty 3.13.0.185.170
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: ubuntu.com/security/notices/USN-4901-1 CVE-2020-28374, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365

openSUSE2021:0513-1: important: Security update for chromium

openSUSE Security Update: Security update for chromium ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0513-1 Rating: important References: #1184256 Cross-References: CVE-2021-21194 CVE-2021-21195 CVE-2021-21196 CVE-2021-21197 CVE-2021-21198 CVE-2021-21199
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Update to 89.0.4389.114 boo#1184256
– CVE-2021-21194: Use after free in screen capture – CVE-2021-21195: Use after free in V8 – CVE-2021-21196: Heap buffer overflow in TabStrip – CVE-2021-21197: Heap buffer overflow in TabStrip – CVE-2021-21198: Out of bounds read in IPC – CVE-2021-21199: Use Use after free in Aura
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-513=1

Package List:
– openSUSE Leap 15.2 (x86_64):
chromedriver-89.0.4389.114-lp152.2.83.1 chromedriver-debuginfo-89.0.4389.114-lp152.2.83.1 chromium-89.0.4389.114-lp152.2.83.1 chromium-debuginfo-89.0.4389.114-lp152.2.83.1
References:
www.suse.com/security/cve/CVE-2021-21194.html www.suse.com/security/cve/CVE-2021-21195.html www.suse.com/security/cve/CVE-2021-21196.html www.suse.com/security/cve/CVE-2021-21197.html www.suse.com/security/cve/CVE-2021-21198.html www.suse.com/security/cve/CVE-2021-21199.html bugzilla.suse.com/1184256

openSUSE2021:0510-1: moderate: Security update for curl

openSUSE Security Update: Security update for curl ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0510-1 Rating: moderate References: #1183933 #1183934 Cross-References: CVE-2021-22876 CVE-2021-22890 CVSS scores: CVE-2021-22876 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N CVE-2021-22890 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for curl fixes the following issues:
– CVE-2021-22890: TLS 1.3 session ticket proxy host mixup (bsc#1183934) – CVE-2021-22876: Automatic referer leaks credentials (bsc#1183933)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-510=1

Package List:
– openSUSE Leap 15.2 (i586 x86_64):
curl-7.66.0-lp152.3.15.1 curl-debuginfo-7.66.0-lp152.3.15.1 curl-debugsource-7.66.0-lp152.3.15.1 curl-mini-7.66.0-lp152.3.15.1 curl-mini-debuginfo-7.66.0-lp152.3.15.1 curl-mini-debugsource-7.66.0-lp152.3.15.1 libcurl-devel-7.66.0-lp152.3.15.1 libcurl-mini-devel-7.66.0-lp152.3.15.1 libcurl4-7.66.0-lp152.3.15.1 libcurl4-debuginfo-7.66.0-lp152.3.15.1 libcurl4-mini-7.66.0-lp152.3.15.1 libcurl4-mini-debuginfo-7.66.0-lp152.3.15.1
– openSUSE Leap 15.2 (x86_64):
libcurl-devel-32bit-7.66.0-lp152.3.15.1 libcurl4-32bit-7.66.0-lp152.3.15.1 libcurl4-32bit-debuginfo-7.66.0-lp152.3.15.1
References:
www.suse.com/security/cve/CVE-2021-22876.html www.suse.com/security/cve/CVE-2021-22890.html bugzilla.suse.com/1183933 bugzilla.suse.com/1183934

openSUSE2021:0512-1: moderate: Security update for OpenIPMI

openSUSE Security Update: Security update for OpenIPMI ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0512-1 Rating: moderate References: #1183178 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for OpenIPMI fixes the following issues:
– Fixed an issue where OpenIPMI was creating non-position independent binaries (bsc#1183178).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-512=1

Package List:
– openSUSE Leap 15.2 (i586 x86_64):
OpenIPMI-2.0.25-lp152.3.3.1 OpenIPMI-debuginfo-2.0.25-lp152.3.3.1 OpenIPMI-debugsource-2.0.25-lp152.3.3.1 OpenIPMI-devel-2.0.25-lp152.3.3.1 OpenIPMI-python-2.0.25-lp152.3.3.1 OpenIPMI-python-debuginfo-2.0.25-lp152.3.3.1
References:
bugzilla.suse.com/1183178

ANNOUNCE: mousepad 0.5.4 released

mousepad 0.5.4 is now available for download from
archive.xfce.org/src/apps/mousepad/0.5/mousepad-0.5.4.tar.bz2 archive.xfce.org/src/apps/mousepad/0.5/mousepad-0.5.4.tar.bz2?sha1 archive.xfce.org/src/apps/mousepad/0.5/mousepad-0.5.4.tar.bz2?sha256
What is mousepad? =================
A simple text editor for Xfce.
Website: docs.xfce.org/apps/mousepad/
Release notes for 0.5.4 ======================= – New Features: – Add –line/-l and –column/-c number (#107, !83) – Port to GtkSourceView 4 (#55, #80, !10)
– Bug Fixes: – Delay request to scroll to cursor for the correct active view – Monitor hardlinks with glib 2.56.2 (#110, !82) – Transfer encoding from remote to primary instance (#109) – Prevent a crash when no language is found – Make window require attention when opening new tabs (#106, #93, !81) – Fix BOM array (!80) – Correctly initialize toolbar style combo box (#103) – Allow checking parent sources when looking up schema (#101) – Fix missing parameter to “select-all” signal (!79)
– Translation Updates: Hebrew, Indonesian, Spanish, Swedish _______________________________________________ Xfce-announce mailing list Xfce-announce@xfce.org mail.xfce.org/mailman/listinfo/xfce-announce

openSUSE2021:0496-1: important: Security update for tomcat

openSUSE Security Update: Security update for tomcat ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0496-1 Rating: important References: #1182909 #1182912 Cross-References: CVE-2021-25122 CVE-2021-25329 CVSS scores: CVE-2021-25122 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-25122 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-25329 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-25329 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for tomcat fixes the following issues:
CVE-2021-25122: Apache Tomcat h2c request mix-up (bsc#1182912) CVE-2021-25329: Complete fix for CVE-2020-9484 (bsc#1182909)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-496=1

Package List:
– openSUSE Leap 15.2 (noarch):
tomcat-9.0.36-lp152.2.22.1 tomcat-admin-webapps-9.0.36-lp152.2.22.1 tomcat-docs-webapp-9.0.36-lp152.2.22.1 tomcat-el-3_0-api-9.0.36-lp152.2.22.1 tomcat-embed-9.0.36-lp152.2.22.1 tomcat-javadoc-9.0.36-lp152.2.22.1 tomcat-jsp-2_3-api-9.0.36-lp152.2.22.1 tomcat-jsvc-9.0.36-lp152.2.22.1 tomcat-lib-9.0.36-lp152.2.22.1 tomcat-servlet-4_0-api-9.0.36-lp152.2.22.1 tomcat-webapps-9.0.36-lp152.2.22.1
References:
www.suse.com/security/cve/CVE-2021-25122.html www.suse.com/security/cve/CVE-2021-25329.html bugzilla.suse.com/1182909 bugzilla.suse.com/1182912

openSUSE2021:0494-1: Security update for tar

openSUSE Security Update: Security update for tar ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0494-1 Rating: low References: #1181131 Cross-References: CVE-2021-20193 CVSS scores: CVE-2021-20193 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-20193 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for tar fixes the following issues:
CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-494=1

Package List:
– openSUSE Leap 15.2 (i586 x86_64):
tar-1.30-lp152.4.3.1 tar-debuginfo-1.30-lp152.4.3.1 tar-debugsource-1.30-lp152.4.3.1 tar-rmt-1.30-lp152.4.3.1 tar-rmt-debuginfo-1.30-lp152.4.3.1 tar-tests-1.30-lp152.4.3.1 tar-tests-debuginfo-1.30-lp152.4.3.1
– openSUSE Leap 15.2 (noarch):
tar-backup-scripts-1.30-lp152.4.3.1 tar-doc-1.30-lp152.4.3.1 tar-lang-1.30-lp152.4.3.1
References:
www.suse.com/security/cve/CVE-2021-20193.html bugzilla.suse.com/1181131

openSUSE2021:0495-1: moderate: Security update for ovmf

openSUSE Security Update: Security update for ovmf ______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0495-1 Rating: moderate References: #1183578 #1183579 Cross-References: CVE-2021-28210 CVE-2021-28211 CVSS scores: CVE-2021-28210 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H CVE-2021-28211 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ovmf fixes the following issues:
– CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo (bsc#1183578) – CVE-2021-28210: ovmf: unlimited FV recursion, round 2 (bsc#1183579)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-495=1

Package List:
– openSUSE Leap 15.2 (i586 x86_64):
ovmf-201911-lp152.6.11.1 ovmf-tools-201911-lp152.6.11.1
– openSUSE Leap 15.2 (x86_64):
qemu-ovmf-x86_64-debug-201911-lp152.6.11.1
– openSUSE Leap 15.2 (noarch):
qemu-ovmf-ia32-201911-lp152.6.11.1 qemu-ovmf-x86_64-201911-lp152.6.11.1
References:
www.suse.com/security/cve/CVE-2021-28210.html www.suse.com/security/cve/CVE-2021-28211.html bugzilla.suse.com/1183578 bugzilla.suse.com/1183579

Ubuntu 21.04 (Hirsute Hippo) Final Beta released

The Ubuntu team is pleased to announce the Beta release of the Ubuntu 21.04 Desktop, Server, and Cloud products.
21.04, codenamed “Hirsute Hippo”, continues Ubuntu’s proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, introducing new features and fixing bugs.
This Beta release includes images from not only the Ubuntu Desktop, Server, and Cloud products, but also the Kubuntu, Lubuntu, Ubuntu Budgie, UbuntuKylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu flavours.
The Beta images are known to be reasonably free of showstopper image build or installer bugs, while representing a very recent snapshot of 21.04 that should be representative of the features intended to ship with the final release expected on April 22nd, 2021.
Ubuntu, Ubuntu Server, Cloud Images: Hirsute Beta includes updated versions of most of our core set of packages, including a current 5.11 kernel, and much more.
To upgrade to Ubuntu 21.04 Beta from Ubuntu 20.10, follow these instructions:
help.ubuntu.com/community/HirsuteUpgrades
The Ubuntu 21.04 Beta images can be downloaded at:
releases.ubuntu.com/21.04/ (Ubuntu and Ubuntu Server on x86)
This Ubuntu Server image features the next generation Subiquity server installer, bringing the comfortable live session and speedy install of the Ubuntu Desktop to server users.
Additional images can be found at the following links:
cloud-images.ubuntu.com/daily/server/hirsute/current/ (Cloud Images) cdimage.ubuntu.com/releases/21.04/beta/ (Non-x86)
As fixes will be included in new images between now and release, any daily cloud image from today or later (i.e. a serial of 20210401 or higher) should be considered a Beta image. Bugs found should be filed against the appropriate packages or, failing that, the cloud-images project in Launchpad.
The full release notes for Ubuntu 21.04 Beta can be found at:
discourse.ubuntu.com/t/hirsute-hippo-release-notes
Kubuntu: Kubuntu is the KDE based flavour of Ubuntu. It uses the Plasma desktop and includes a wide selection of tools from the KDE project.
The Beta images can be downloaded at: cdimage.ubuntu.com/kubuntu/releases/21.04/beta/
Lubuntu: Lubuntu is a flavor of Ubuntu which uses the Lightweight Qt Desktop Environment (LXQt). The project’s goal is to provide a lightweight yet functional Linux distribution based on a rock-solid Ubuntu base.
The Beta images can be downloaded at: cdimage.ubuntu.com/lubuntu/releases/21.04/beta/
Ubuntu Budgie: Ubuntu Budgie is community developed desktop, integrating Budgie Desktop Environment with Ubuntu at its core.
The Beta images can be downloaded at: cdimage.ubuntu.com/ubuntu-budgie/releases/21.04/beta/
UbuntuKylin: UbuntuKylin is a flavor of Ubuntu that is more suitable for Chinese users.
The Beta images can be downloaded at: cdimage.ubuntu.com/ubuntukylin/releases/21.04/beta/
Ubuntu MATE: Ubuntu MATE is a flavor of Ubuntu featuring the MATE desktop environment.
The Beta images can be downloaded at: cdimage.ubuntu.com/ubuntu-mate/releases/21.04/beta/
Ubuntu Studio: Ubuntu Studio is a flavor of Ubuntu that provides a full range of multimedia content creation applications for each key workflow: audio, graphics, video, photography and publishing.
The Beta images can be downloaded at: cdimage.ubuntu.com/ubuntustudio/releases/21.04/beta/
Xubuntu: Xubuntu is a flavor of Ubuntu that comes with Xfce, which is a stable, light and configurable desktop environment.
The Beta images can be downloaded at: cdimage.ubuntu.com/xubuntu/releases/21.04/beta/
Regular daily images for Ubuntu, and all flavours, can be found at: cdimage.ubuntu.com
Ubuntu is a full-featured Linux distribution for clients, servers and clouds, with a fast and easy installation and regular releases. A tightly-integrated selection of excellent applications is included, and an incredible variety of add-on software is just a few clicks away.
Professional technical support is available from Canonical Limited and hundreds of other companies around the world. For more information about support, visit ubuntu.com/support
If you would like to help shape Ubuntu, take a look at the list of ways you can participate at: ubuntu.com/community/participate
Your comments, bug reports, patches and suggestions really help us to improve this and future releases of Ubuntu. Instructions can be found at: help.ubuntu.com/community/ReportingBugs
You can find out more about Ubuntu and about this beta release on our website, IRC channel and wiki.
To sign up for future Ubuntu announcements, please subscribe to Ubuntu’s very low volume announcement list at:
lists.ubuntu.com/mailman/listinfo/ubuntu-announce
On behalf of the Ubuntu Release Team, Łukasz ‘sil2100’ Zemczak

[USN-4900-1] OpenEXR vulnerabilities

========================================================================== Ubuntu Security Notice USN-4900-1 April 01, 2021
openexr vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.10 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS – Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in OpenEXR.
Software Description: – openexr: tools for the OpenEXR image format
Details:
It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: libopenexr25 2.5.3-2ubuntu0.2 openexr 2.5.3-2ubuntu0.2
Ubuntu 20.04 LTS: libopenexr24 2.3.0-6ubuntu0.5 openexr 2.3.0-6ubuntu0.5
Ubuntu 18.04 LTS: libopenexr22 2.2.0-11.1ubuntu1.6 openexr 2.2.0-11.1ubuntu1.6
Ubuntu 16.04 LTS: libopenexr22 2.2.0-10ubuntu2.6 openexr 2.2.0-10ubuntu2.6
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-4900-1 CVE-2021-3474, CVE-2021-3475, CVE-2021-3476, CVE-2021-3477, CVE-2021-3478, CVE-2021-3479
Package Information: launchpad.net/ubuntu/+source/openexr/2.5.3-2ubuntu0.2 launchpad.net/ubuntu/+source/openexr/2.3.0-6ubuntu0.5 launchpad.net/ubuntu/+source/openexr/2.2.0-11.1ubuntu1.6 launchpad.net/ubuntu/+source/openexr/2.2.0-10ubuntu2.6