Results for: incorrect


 

In Praise of APL: A Language for Lyrical Programming (1977)


In Praise of APL: A Language for Lyrical Programming Professor Alan J. Perlis Yale University Many reasons can be given for teaching one or more aspects of computer science (defined as the study of…

HN Discussion: https://news.ycombinator.com/item?id=18688990
Posted by bladecatcher (karma: 606)
Post stats: Points: 100 - Comments: 52 - 2018-12-15T16:24:00Z

#HackerNews #1977 #apl #for #language #lyrical #...

 

 

Rare brain-eating amoebas killed woman who rinsed her sinuses with tap water


Researchers said the amoebas likely got into the woman's brain through the tap water she used to fill a neti pot, rather than using saline or sterile water. The organisms entered her brain after she…
Article word count: 1193

HN Discussion: https://news.ycombinator.com/item?id=18682285
Posted by prostoalex (karma: 69272)
Post stats: Points: 102 - Comments: 141 - 2018-12-14T16:57:21Z

#HackerNews #amoebas #brain-eating #...

 
The article says “...the public spending cuts carried out by the pro-independence governments presided over by Mr. Mas and Puigdemont (and now Torra) have been especially severe.”
Catalonia does not collect what by law it should receive from the Spanish government... therefore the article is incorrect. I stopped reading it.

 

Dr. Elon and Mr. Musk: Life Inside Tesla's Production Hell


Unfettered genius. Unpredictable rages. Here's what it was like to work at Tesla as Model 3 manufacturing ramped up and the company's leader melted down.
Article word count: 73

HN Discussion: https://news.ycombinator.com/item?id=18679715
Posted by nem000 (karma: 77)
Post stats: Points: 110 - Comments: 89 - 2018-12-14T09:59:21Z

#HackerNews #and #elon #hell #inside #life...

 

Write Your Own Virtual Machine

By: Justin Meiners & Ryan Pendleton. Introduction: In this tutorial, I will teach you how to write your own virtual machine (VM) that can run assembly language programs, such as my…
Article word count: 15
HN Discussion: https://news.ycombinator.com/item?id=18678699
Posted by vedosity (karma: 63)
Post stats: Points: 143 - Comments: 24 - 2018-12-14T05:36:38Z

#HackerNews #machine #own #virtual #write #...

 
> In accordance with tradition at Bitcoin Idiots, LLC, the entire field of economics is derived from first principles (again) and then furious partisan bickering dominates the threads, as Hackernews furiously incorrects one another on why money exists at all.

 

Etsy’s experiment with immutable documentation


Introduction Writing documentation is like trying to hit a moving target. The way a system works changes constantly, so as soon as you write a piece of documentation for it, it starts to get stale.…

HN Discussion: https://news.ycombinator.com/item?id=18674158
Posted by telotortium (karma: 741)
Post stats: Points: 153 - Comments: 54 - 2018-12-13T17:31:38Z

#HackerNews #documentation #etsys #experiment #...

 
@pericat I'm worried about finding random internet holidays, as I don't want to bring in something that is incorrect or has multiple answers. I really want something I can talk to someone about, don't worry about it.

 

USN-3845-1: FreeRDP vulnerabilities


freerdp, freerdp2 vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in FreeRDP.

Software Description

  • freerdp2 - RDP client for Windows Terminal Services
  • freerdp - RDP client for Windows Terminal Services

Details


Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applies to Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8784, CVE-2018-8785)

Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-8786, CVE...

 

USN-3843-2: pixman vulnerability


pixman vulnerability


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 12.04 ESM

Summary


pixman could be made to crash or run programs if it processed specially crafted instructions.

Software Description

  • pixman - pixel-manipulation library for X and cairo

Details


USN-3843-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM
  • libpixman-1-0 - 0.30.2-1ubuntu0.0.0.0.4
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References


https://usn.ubuntu.com/3843-2/

 
28 Minuten | Der Club (12.10.2018)

 

USN-3843-1: pixman vulnerability


pixman vulnerability


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 14.04 LTS

Summary


pixman could be made to crash or run programs if it processed specially crafted instructions.

Software Description

  • pixman - pixel-manipulation library for X and cairo

Details


It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS
  • libpixman-1-0 - 0.30.2-2ubuntu1.2
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References


https://usn.ubuntu.com/3843-1/

 

USN-3837-2: poppler regression


poppler regression


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


USN-3837-1 introduced a regression in poppler.

Software Description

  • poppler - PDF rendering library

Details


USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646)

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-19149)

Update instructions


Th...

 
New Release: Tor Browser 8.0.4

gk, December 11, 2018

Tor Browser 8.0.4 is now available from the Tor Browser Project page and also from our distribution directory.

This release features important security updates to Firefox.

Tor Browser 8.0.4 contains updates to Tor (0.3.4.9), OpenSSL (1.0.2q) and other bundle components. Additionally, we backported a number...

 
The Founding Fathers were very aware of the dangers of religious extremism / zealotry. In fact, many of the Founding Fathers were not even Christian and were skeptical of organized religion in general.

The religions of some leading figures of the U.S. in the 18th and 19th centuries
Benjamin Franklin (Founding Father, scientist, inventor, philosopher) – Deist

“The way to see by faith is to shut the eye of reason.” Benjamin Franklin Poor Richard’s Almanack, 1758

“Lighthouses are more helpful than churches.”

“He (the Rev. Mr. Whitefield) used, indeed, sometimes to pray for my conversion, but never had the satisfaction of believing that his prayers were heard.”

“I have found Christian dogma unintelligible. Early in life, I absenteed myself from Christian assemblies.”

“Some volumes against Deism fell into my hands. They were said to be the substance of sermons preached at Boyle’s Lecture. It happened that they produced on me an effect precisely the reverse of what was inten...

 
@crushv @socalledunitedstates To be fair, it does say that there are multiple systems as part of the network and *names* them. It's preceded by saying activitypub and fediverse, and followed by saying peertube and (incorrectly, I think?) diaspora. So I don't think they were trying to call the fediverse the mastodon network, though I agree it's not the best way to phrase it

 

USN-3842-1: CUPS vulnerability


cups vulnerability


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


CUPS could be made to expose sensitive information.

Software Description

  • cups - Common UNIX Printing System™

Details


Jann Horn discovered that CUPS incorrectly handled session cookie randomness. A remote attacker could possibly use this issue to perform cross-site request forgery (CSRF) attacks.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10
  • cups - 2.2.8-5ubuntu1.1
Ubuntu 18.04 LTS
  • cups - 2.2.7-1ubuntu2.2
Ubuntu 16.04 LTS
  • cups - 2.1.3-4ubuntu0.6
Ubuntu 14.04 LTS
  • cups - 1.7.2-0ubuntu1.11
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References


https://usn.ubuntu.com/3842-1/

 

USN-3841-2: lxml vulnerability


lxml vulnerability


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 12.04 ESM

Summary


lxml could allow cross-site scripting (XSS) attacks.

Software Description

  • lxml - pythonic binding for the libxml2 and libxslt libraries

Details


USN-3841-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM
  • python-lxml - 2.3.2-1ubuntu0.3
  • python3-lxml - 2.3.2-1ubuntu0.3
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References


https://usn.ubuntu.com/3841-2/

 

USN-3841-1: lxml vulnerability


lxml vulnerability


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


lxml could allow cross-site scripting (XSS) attacks.

Software Description

  • lxml - pythonic binding for the libxml2 and libxslt libraries

Details


It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting (XSS) attacks.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS
  • python-lxml - 4.2.1-1ubuntu0.1
  • python3-lxml - 4.2.1-1ubuntu0.1
Ubuntu 16.04 LTS
  • python-lxml - 3.5.0-1ubuntu0.1
  • python3-lxml - 3.5.0-1ubuntu0.1
Ubuntu 14.04 LTS
  • python-lxml - 3.3.3-1ubuntu0.2
  • python3-lxml - 3.3.3-1ubuntu0.2
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References


https://usn.ubuntu.com/3841-1/

 

Some unexplained physical symptoms may be caused by unresolved emotional trauma


‘It’s all in your head’ isn’t something many patients love to hear, but for some of those with the least understood and most expensive ailments, it may be true – and a made-in-Canada approach is…
Article word count: 3973

HN Discussion: https://news.ycombinator.com/item?id=18641967
Posted by adriand (karma: 3388)
Post stats: Points: 134 - Comments: 73 - 2018-12-09T17:18:34Z

#HackerNews #caused #emotional #...

 
The scientific community says that Apple's squid emoji is anatomically incorrect: "It's like having a butt on your forehead" #gizmodo #tecnologia

 

Rocket v0.4: Typed URIs, Database Support, Revamped Queries, and More


I am elated to announce that the next major release of Rocket is now available! Rocket 0.4 is a step forward in every direction: it is packed with features and improvements that increase developer…
Article word count: 16

HN Discussion: https://news.ycombinator.com/item?id=18636113
Posted by sbenitez (karma: 436)
Post stats: Points: 114 - Comments: 24 - 2018-12-08T16:56:18Z

#HackerNews #and #database #more #queries #...

 

USN-3840-1: OpenSSL vulnerabilities


openssl, openssl1.0 vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in OpenSSL.

Software Description

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools
  • openssl1.0 - Secure Socket Layer (SSL) cryptographic library and tools

Details


Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)

Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)

Billy Bob Brum...

 

USN-3839-1: WavPack vulnerabilities


wavpack vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in WavPack.

Software Description

  • wavpack - audio codec (lossy and lossless) - encoder and decoder

Details


It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19840, CVE-2018-19841)

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10
  • libwavpack1 - 5.1.0-4ubuntu0.1
  • wav...

 

USN-3838-1: LibRaw vulnerabilities


libraw vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


LibRaw could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description

  • libraw - raw image decoder library

Details


It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS
  • libraw16 -...

 

USN-3811-3: SpamAssassin vulnerabilities


spamassassin vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 12.04 ESM

Summary


Several security issues were fixed in SpamAssassin.

Software Description

  • spamassassin - Perl-based spam filter using text analysis

Details


USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11780)

It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11781)

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM
  • spamassassi...

 
You mean intelligent, or perhaps erudite, or maybe eloquent.

"Smart" is an incorrect use of the word in that context.

 
**The Holy Spirit is Not a Person - Greek Text**

**Translator's explanation of John 14, 15 and 16 which concern “the Spirit of the Truth” and “The Comforter”:**

"“The Spirit of the Truth,” in John 14:17 comes from the Greek to pneuma tees aleetheias, and is another designation for “The Holy Spirit.” In the New Testament Greek, “The Holy Spirit” is always a neuter noun, which truly reflects the Scriptural teaching that the Holy Spirit is the power of God and not a person. The Greek nouns for “Spirit,” “the Spirit,” “Holy Spirit” and “the Holy Spirit” (KJV “Holy Ghost”) are as follows: pneuma, to pneuma, pneuma hagion, to hagion pneuma, to pneuma to hagion, and the above referenced to pneuma tees aleetheias. These nouns, in their various forms, are always and only neuter in gender. Likewise, the pronouns for to pneuma to hagion are always and only neuter in gender. Therefore, it is absolutely incorrect to translate “the Spirit,” “the Holy S...

 

USN-3837-1: poppler vulnerabilities


poppler vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in poppler.

Software Description

  • poppler - PDF rendering library

Details


It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060)

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-19149)

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10...

 

USN-3834-2: Perl vulnerabilities


perl vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 12.04 ESM

Summary


Several security issues were fixed in Perl.

Software Description

  • perl - Practical Extraction and Report Language

Details


USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)

Update instructions


The problem can be corrected by updating your system to the following pac...

 

USN-3834-1: Perl vulnerabilities


perl vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in Perl.

Software Description

  • perl - Practical Extraction and Report Language

Details


Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312)

Eiichi Tsukata discovered that Perl incorrectly handled certain re...

 

The deepest problem with deep learning


Some reflections on an accidental Twitterstorm, the future of AI and deep learning, and what happens when you confuse a schoolbus with a…
Article word count: 4035

HN Discussion: https://news.ycombinator.com/item?id=18577813
Posted by dsr12 (karma: 26005)
Post stats: Points: 115 - Comments: 76 - 2018-12-01T17:41:23Z

#HackerNews #deep #deepest #learning #problem #...

 
In fact, I spelled it incorrectly when I was quoting you :D

 

Complex exponentials


Here’s something that comes up occasionally, a case where I have to tell
someone “It doesn’t work that way.” I’ll write it up here so next time I
can just send them a link instead of retyping my explanation.

Rules for exponents


The rules for manipulating expressions with real numbers carry over to
complex numbers so often that it can be surprising when a rule doesn’t
carry over. For example, the rule

$(b^x)^y = b^{xy}$

holds when b is a positive real number and x and y are real
numbers, but doesn’t necessarily hold when x or y are complex. In
particular, if x is complex,

$(e^x)^y = e^{xy}$

does not hold in general, though it does hold when y is an integer. If
it did hold, and this is where people get in...

 

#VA decides to retroactively pay #veterans


#Wilkie’s statement Thursday means VA will go back through its education claims prior to December 2019 to ensure that all veterans are paid correctly. The secretary also clarified that all GI Bill recipients who had been impacted by delayed or incorrect payments in the past academic year would have their housing benefits “based on Forever #GI Bill rates.”

And in the end, they made up their mind and decided that not paying the veterans due to circumstances they were not able to influence would be a bad idea to a country that counts so much on its soldiers. Well, who could have thought that? It's only sad to see that it has to be publicised before they act. It's not a turn out of be...

 

USN-3795-3: libssh regression


libssh regression


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


USN-3795-1 and USN-3795-2 introduced a regression in libssh.

Software Description

  • libssh - A tiny C SSH library

Details


USN-3795-1 and USN-3795-2 fixed a vulnerability in libssh. The upstream fix introduced a regression. This update fixes the problem.

Original advisory details:

Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10
  • libssh-4 -...

 

How we spent two weeks hunting an NFS bug in the Linux kernel


Here's an in-depth recap of debugging a GitLab issue that culminated in a patch for the Linux kernel.
Article word count: 2915

HN Discussion: https://news.ycombinator.com/item?id=18556775
Posted by fanf2 (karma: 11314)
Post stats: Points: 129 - Comments: 10 - 2018-11-28T23:43:04Z

#HackerNews #bug #how #hunting #kernel #linux #...

 
Paul-
  • I never quote snopes, for moral reasons.
  • Also, I said 1977 truck. no such thing as metric in those days whether inside the vehicle or out.
  • fractions are the spice of life. decimals are cold and lifeless. I can easily write pi as a fraction: c/d , along with the golden rectangle: 1 + 1 / phi . And the decimal version? 3.14 is incorrect. so is 3.141592653....Also: 1.618 is not right either.
how do people live with spindly ass weak ass legs in the US
Dunno- I'm 6' 0", 185 lbs, and I can press over 700 lbs on a sled. I've ridden my bicycle across the state of Utah (over 300 miles) on my spindly US legs. :)

I understand the push for metric- all based on a base 10 system. But even the meter isn't actually correct- it's off by 2 mm from its own definition. And it's been shrinking ever since it was platinum-ized in France.

No, for me, the king's foot, the king's digit, the hand (4 "), the yard, the mile, the stone, the fathom, etc, are m...

 

Homo sapiens sapiens is omnivorous.


My opinion is that both "carnists" and vegans follow an incorrect lifestyle. Infants should have a balanced diet and ingest as few chemical food supplements as possible in favor of meat, vegetables and fresh fruit. The same applies to adults, with the use of nutritional supplements to compensate for occasional vitamin deficiencies, but not as a replacement for a complete and balanced diet.
A balanced diet (like the Mediterranean one) combined with physical activity guarantees a long and happy life.

 

USN-3829-1: Git vulnerabilities


git vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in Git.

Software Description

  • git - fast, scalable, distributed revision control system

Details


It was discovered that Git incorrectly handled layers of tree objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15298)

It was discovered that Git incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-19486)

Update instructions


The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10...

 

USN-3827-2: Samba vulnerabilities


samba vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 12.04 ESM

Summary


Several security issues were fixed in Samba.

Software Description

  • samba - SMB/CIFS file, print, and login server for Unix

Details


USN-3827-1 fixed a vulnerability in samba. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-14629)

Alex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16841)

Garming Sam discovered that Samba incorrectly handled memory when proces...

 

USN-3816-3: systemd regression


systemd regression


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 16.04 LTS

Summary


USN-3816-1 caused a regression in systemd-tmpfiles.

Software Description

  • systemd - system and service manager

Details


USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Ubuntu inside a container on some older kernels. This issue only affected Ubuntu 16.04 LTS. In order to continue to support this configuration, the fixes for CVE-2018-6954 have been reverted.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)

Jann Horn discove...

 

pigeonhole


Definition: (verb) Treat or classify according to a mental stereotype. Usage: It would be incorrect to pigeonhole her as a children's author, since many adults also enjoy her books.

#WOTD #TheFreeDictionary #pigeonhole

Via https://thefreedictionary.com

 

USN-3827-1: Samba vulnerabilities


samba vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in Samba.

Software Description

  • samba - SMB/CIFS file, print, and login server for Unix

Details


Florian Stuelpner discovered that Samba incorrectly handled CNAME records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-14629)

Alex MacCuish discovered that Samba incorrectly handled memory when configured to accept smart-card authentication. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service. (CVE-2018-16841)

Garming Sam discovered that Samba incorrectly handled memory when processing LDAP searches. A remote attacker could possibly use this issue to cause Samb...

 
Mi scusi @Lorenzo Ancora. I don’t speak Italian; I only know a few short phrases. :-)
@Ted ah, then it is time to learn it: how could it be a bad idea to learn the language of the great poet (Dante Alighieri)? ;-)
I will translate the previous message for you:
@Ted I was impressed and so I've posted it. Actually it is a bit disturbing, has almost a bad taste: instilling fear in users by showing data but without explaining its full meaning is incorrect. However it is useful for those who want to clean up their tracks online ... :-)

 

USN-3826-1: QEMU vulnerabilities


qemu vulnerabilities


A security issue affects these releases of Ubuntu and its derivatives:
  • Ubuntu 18.10
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary


Several security issues were fixed in QEMU.

Software Description

  • qemu - Machine emulator and virtualizer

Details


Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-10839)

It was discovered that QEMU incorrectly handled the Slirp networking back-end. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only af...